CVE-2021-47766
BaseFortify
Publication date: 2026-01-15
Last updated on: 2026-01-15
Assigner: VulnCheck
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| levelprograms | kmaleon | 1.1.0.205 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-89 | The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is an authenticated SQL injection in the 'tipocomb' parameter of the kmaleonW.php script in Kmaleon version 1.1.0.205. An attacker with valid credentials can inject malicious SQL code through this parameter to manipulate database queries. The injection can be performed using boolean-based, error-based, and time-based blind SQL injection techniques, allowing the attacker to extract or manipulate sensitive database information. [2]
How can this vulnerability impact me? :
Exploiting this vulnerability can allow an authenticated attacker to access, extract, or manipulate sensitive data stored in the backend database of the Kmaleon application. This could lead to unauthorized disclosure of confidential information, data integrity issues, and potentially disrupt the normal operation of the application. [2]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by testing the 'tipocomb' parameter in the kmaleonW.php script for SQL injection using authenticated requests. Example payloads to test include boolean-based, error-based, and time-based SQL injection techniques. Example commands using curl (assuming authentication cookie or credentials are set) could be: 1. Boolean-based test: curl -b 'auth_cookie=your_auth_cookie' 'http://target/kmaleonW.php?tipocomb=-9144 OR 6836=6836' 2. Error-based test: curl -b 'auth_cookie=your_auth_cookie' "http://target/kmaleonW.php?tipocomb= OR (SELECT 8426 FROM(SELECT COUNT(*),CONCAT(0x7176716b71,(SELECT (ELT(8426=8426,1))),0x716a707671,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.PLUGINS GROUP BY x)a)" 3. Time-based test: curl -b 'auth_cookie=your_auth_cookie' "http://target/kmaleonW.php?tipocomb= OR (SELECT 2738 FROM (SELECT(SLEEP(5)))EYSv)" Monitoring response differences or delays can indicate the presence of the vulnerability. [2]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include: 1. Restrict access to the Kmaleon application to trusted users only, since the vulnerability requires authentication. 2. Apply input validation and parameterized queries or prepared statements on the 'tipocomb' parameter to prevent SQL injection. 3. If a patch or update is available from the vendor, apply it promptly. 4. Monitor logs for suspicious activity related to the 'tipocomb' parameter. 5. Consider temporarily disabling or restricting the vulnerable functionality until a fix is applied. [2]