cbcvebase.
CVE-2012-1124
published 2020-02-11

CVE-2012-1124: SQL injection vulnerability in search.php in phxEventManager 2.0 beta 5 allows remote attackers to execute arbitrary SQL commands via the search_terms…

PriorityP264critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
EXPLOIT
EPSS
4.27%
89.8th percentile
SQL injection vulnerability in search.php in phxEventManager 2.0 beta 5 allows remote attackers to execute arbitrary SQL commands via the search_terms parameter.

Affected

2 ranges
VendorProductVersion rangeFixed in
phxeventmanagerphxeventmanager
phxeventmanager_projectphxeventmanager

Detection & IOCsextracted from sources · hover to see the quote

urlhttp://vulnsite.com/path_to_pem/search.php?
pathsearch.php
commanddatasubmit=1&searchtype=events&s_event_names=on&s_event_descriptions=on&s_event_presenters=on&s_event_contacts=on&search_terms='
  • Monitor POST requests to search.php with a search_terms parameter containing a single quote or other SQL metacharacters, which triggers a visible MDB2 SQL syntax error in the response.
  • Error-based SQL injection can be confirmed by the presence of 'MDB2 Error: syntax error' in the HTTP response body, leaking the backend query structure.
  • Use the Google dork 'intext: "Powered by phxEventManager"' to identify exposed instances of the vulnerable application.
  • The injection point is the search_terms POST parameter in search.php; the datasubmit=1 field must also be present for the query to execute.
  • ·The exploit was tested specifically on Apache/*nix environments running phxEventManager 2.0 Beta 5; behavior on other platforms may differ.

CVSS provenance

nvdv3.19.8CRITICALCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvdv2.07.5HIGHAV:N/AC:L/Au:N/C:P/I:P/A:P
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.