
Security issue #629

Closed
bousalman opened this issue Dec 17, 2020 · 2 comments

Comments


bousalman commented Dec 17, 2020

Hi there,

I was using your web application and noticed that it is vulnerable to a SQL injection attack. Any unauthenticated user can send a malicious payload in the query string and trigger a time-based SQL injection attack against the underlying database service.

You can test it by sending the following HTTP request and observe the effect on the database, which will sleep for 5 seconds.

I was running the latest version of spotweb, 1.4.9, on my Ubuntu 18.04 LTS server with MySQL 5.7.

Regards,

Sweepr (Collaborator) commented Dec 17, 2020

Thank you, I have edited your post to prevent malicious users from exploiting this.

We will have a look a.s.a.p.


carnil commented Dec 18, 2020

CVE-2020-35545 appears to have been assigned to this issue.

Sweepr added a commit that referenced this issue Dec 20, 2020
Fix for issue: #629 
- Sanitize query string to prevent time based and other possible SQL injections.
mesa57 added a commit that referenced this issue Dec 20, 2020
@Sweepr Sweepr closed this as completed Dec 20, 2020
Sweepr added a commit that referenced this issue Dec 22, 2020
Fix for #632

Using double quotes when searching causes the query to use "IN BOOLEAN MODE". "IN" was listed as a not-allowed SQL command and triggered the security fix #629.
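The report above and the two commits that reference it illustrate two points a defender should take from this thread: the root cause is user input spliced into SQL text, and the keyword blocklist used as the first fix rejects legitimate searches (a quoted term is turned into an "IN BOOLEAN MODE" query, and "IN" was on the list). The following is an added example, not spotweb's code: it uses a constructed in-memory SQLite table and a constructed blocklist (only "IN" is taken from the thread) to show that string concatenation already breaks on a harmless apostrophe, that parameter binding treats the same input as plain data, and that the blocklist produces a false positive on the search term from #632.

```python
import re
import sqlite3

# Constructed sample data; the table and titles are not spotweb's schema.
SAMPLE_TITLES = [
    ("Linux in boolean mode",),
    ("O'Neil's guide",),
    ("Unrelated spot",),
]

# Constructed keyword blocklist in the spirit of the first fix; the thread
# only confirms that "IN" was on spotweb's list, the rest is assumed.
BLOCKED_KEYWORDS = {"SELECT", "UNION", "IN", "OR", "AND"}


def build_db() -> sqlite3.Connection:
    """Create an in-memory database holding the constructed sample rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE spots (id INTEGER PRIMARY KEY, title TEXT NOT NULL)")
    conn.executemany("INSERT INTO spots (title) VALUES (?)", SAMPLE_TITLES)
    return conn


def search_concat(conn: sqlite3.Connection, term: str) -> list:
    """Vulnerable pattern: the search term becomes part of the SQL text.

    Anything the user types is parsed by the database as SQL, which is
    exactly the condition the issue reports.
    """
    sql = f"SELECT title FROM spots WHERE title LIKE '%{term}%'"
    return [row[0] for row in conn.execute(sql)]


def search_bound(conn: sqlite3.Connection, term: str) -> list:
    """Hardened pattern: the term is bound as a parameter.

    The SQL text is fixed; the term can only ever match data, regardless
    of quotes or keywords it contains, so no keyword blocklist is needed.
    """
    sql = "SELECT title FROM spots WHERE title LIKE ?"
    return [row[0] for row in conn.execute(sql, (f"%{term}%",))]


def concat_raises_on(conn: sqlite3.Connection, term: str) -> bool:
    """Return True when the concatenated query fails to parse for `term`."""
    try:
        search_concat(conn, term)
    except sqlite3.OperationalError:
        return True
    return False


def passes_keyword_filter(term: str) -> bool:
    """Blocklist check modelled on the first fix: reject any SQL keyword.

    Whole words are compared case-insensitively, so a natural-language
    search such as "in boolean mode" is rejected even though it is harmless
    once the query is parameterised.
    """
    words = set(re.findall(r"[A-Za-z_]+", term.upper()))
    return not (words & BLOCKED_KEYWORDS)


if __name__ == "__main__":
    db = build_db()
    # A plain apostrophe is enough to break the concatenated query.
    print("concat breaks on O'Neil:", concat_raises_on(db, "O'Neil"))
    # The bound query returns the matching row for the same input.
    print("bound finds:", search_bound(db, "O'Neil"))
    # The blocklist rejects the legitimate search term from #632 ...
    print("filter accepts 'in boolean mode':", passes_keyword_filter("in boolean mode"))
    # ... while the bound query handles it without any filtering.
    print("bound finds:", search_bound(db, "in boolean mode"))
```

Parameter binding is the fix that removes the injection class; a keyword filter on top of it adds false positives (as #632 shows) without adding safety. Detection-wise, the interesting signal in access logs is the same for both: search requests whose response time jumps to a fixed multi-second value while the rest of the application stays fast.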