| VID |
210093 |
| Severity |
30 |
| Port |
80, ... |
| Protocol |
TCP |
| Class |
CGI |
| Detailed Description |
The RunCMS software is vulnerable to an SQL injection vulnerability via the 'CLIENT-IP' HTTP header. RunCMS / E-Xoops is a freely available community management system written in PHP, developed from XOOPS. RUNCMS version 1.6.1 and earlier versions could allow a remote attacker to execute specially-crafted SQL commands, caused by improper validation of user-supplied input passed to the 'Client-Ip' request header before using it in a database query in the 'newbb_plus' module. This vulnerability could permit a remote attacker to pass malicious input to database queries, potentially resulting in data exposure, modification of the query logic, or even data modification or attacks against the database itself.
* References:
http://www.milw0rm.com/exploits/4845
http://secunia.com/advisories/28340
* Platforms Affected:
RunCMS version 1.6.1 and earlier versions
RunCMS, Newbb_plus module for RunCMS version 0.92 and earlier versions
Any operating system Any version |
| Recommendation |
No upgrade or patch available as of June 2014.
As a workaround, edit the source code to ensure that input is properly sanitized. |
| Related URL |
CVE-2008-0224 (CVE) |
| Related URL |
27152 (SecurityFocus) |
| Related URL |
39478 (ISS) |
|
