CVE-2015-4118

ISPConfig < 3.0.5.4 - Authenticated SQL Injection via server Parameter

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2015-4118. PoCs published by High-Tech Bridge SA.

AI-analyzed exploit summary The advisory details two vulnerabilities in ISPConfig: an SQL injection (CVE-2015-4118) and a CSRF vulnerability (CVE-2015-4119). The SQL injection allows authenticated users with 'monitor' privileges to execute arbitrary SQL commands, while the CSRF vulnerability enables remote attackers to create administrative accounts by tricking authenticated administrators into visiting a crafted page.

Description

SQL injection vulnerability in monitor/show_sys_state.php in ISPConfig before 3.0.5.4p7 allows remote authenticated users with monitor permissions to execute arbitrary SQL commands via the server parameter. NOTE: this can be leveraged by remote attackers using CVE-2015-4119.2.

Exploits (1)

exploitdb WRITEUP

by High-Tech Bridge SA · textwebappsphp

https://www.exploit-db.com/exploits/37259

View Code ZIP pw:eip

The advisory details two vulnerabilities in ISPConfig: an SQL injection (CVE-2015-4118) and a CSRF vulnerability (CVE-2015-4119). The SQL injection allows authenticated users with 'monitor' privileges to execute arbitrary SQL commands, while the CSRF vulnerability enables remote attackers to create administrative accounts by tricking authenticated administrators into visiting a crafted page.

Classification

Writeup 100%

Attack Type

Sqli | Auth Bypass

Complexity

Moderate

Reliability

Reliable

Target: ISPConfig 3.0.5.4p6 and prior

Auth required

Prerequisites: Authenticated user with 'monitor' privileges for SQLi · Authenticated administrator for CSRF

MITRE ATT&CK