vendor:
Active PHP Bookmarks
by:
Mr.Elgaarh
7.5
CVSS
HIGH
Remote SQL Injection
89
CWE
Product Name: Active PHP Bookmarks
Affected Version From: Active PHP Bookmarks v1.3
Affected Version To: Active PHP Bookmarks v1.3
Patch Exists: NO
Related CWE: N/A
CPE: a:active_php_bookmarks:active_php_bookmarks:1.3
Metasploit:
N/A
Other Scripts:
N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References:
N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2009
Active PHP Bookmarks v1.3 Remote SQL Injection Vulnerability
Mr.Elgaarh discovered a Remote SQL Injection vulnerability in Active PHP Bookmarks v1.3. An attacker can exploit this vulnerability by sending a maliciously crafted HTTP request to the vulnerable server. The attacker can use the Dork “Powered by Active PHP Bookmarks v1.3” inurl:.view_group.php?id= to search for vulnerable servers. The attacker can then use the union select statement to extract the admin username and password from the apb_users table. The admin panel path is http://server/path/cookie_auth.php?action=cookie_login.
Mitigation:
Developers should ensure that user input is properly sanitized and validated before being used in SQL queries. Additionally, developers should use parameterized queries to prevent SQL injection attacks.