FoxCMS SQL Injection Vulnerability in Images.php Controller
Vulnerability
A SQL injection vulnerability has been identified in FoxCMS versions through 1.24. The issue resides in the 'batchCope' function of the 'Images.php' controller, where the 'ids' parameter is directly concatenated into an SQL statement without proper sanitization. This flaw allows for remote exploitation, with a public proof-of-concept available.
Impact
Exploitation of this vulnerability allows for SQL injection, where an attacker can manipulate database queries. This could lead to unauthorized data access, data manipulation, or in some cases, executing administrative operations on the database.
Reproduction
To reproduce this vulnerability, send a POST request to '/admin3953/images/batchCope.html' with the 'ids' parameter. The request should include a crafted SQL payload that exploits the injection flaw. The SQL injection can be verified by observing the application's response to different 'ids' values, such as '62) and 1=1--', which indicates successful injection by altering the SQL query's logic.
Vulnerability Rating
Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.