Login Sign Up

CVE-2017-17580

9.8 CRITICAL
SQL Injection

📋 TL;DR

CVE-2017-17580 is a critical SQL injection vulnerability in FS Linkedin Clone 1.0 that allows attackers to execute arbitrary SQL commands through multiple parameters. This affects all installations of FS Linkedin Clone 1.0, potentially compromising the entire database and application.

💻 Affected Systems

Products:
  • FS Linkedin Clone
Versions: 1.0
Operating Systems: All
Default Config Vulnerable: ⚠️ Yes
Notes: All installations of version 1.0 are vulnerable. The vulnerability exists in multiple PHP files (group.php, profile.php, company_details.php).

📦 What is this software?

Linkedin Clone by Linkedin Clone Project

View all CVEs affecting Linkedin Clone →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete database compromise leading to data theft, data destruction, authentication bypass, and potential remote code execution via database functions.

🟠

Likely Case

Database information disclosure, user data theft, and potential privilege escalation within the application.

🟢

If Mitigated

Limited impact with proper input validation and parameterized queries in place.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: CONFIRMED
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Multiple public exploit scripts available. Exploitation requires no authentication and is trivial with automated tools.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: None known

Restart Required: No

Instructions:

No official patch available. Consider migrating to a maintained alternative or implementing custom fixes with parameterized queries.

🔧 Temporary Workarounds

Input Validation and Sanitization

all

Implement strict input validation and parameterized queries for all user inputs in group.php, profile.php, and company_details.php

Web Application Firewall (WAF)

all

Deploy a WAF with SQL injection protection rules to block malicious requests

🧯 If You Can't Patch

  • Isolate the application behind a reverse proxy with strict input filtering
  • Implement network segmentation and restrict database access to only necessary hosts

🔍 How to Verify

Check if Vulnerable:

Test parameters in group.php?grid=, profile.php?fid=, company_details.php?id= with SQL injection payloads like ' OR '1'='1

Check Version:

Check application version in source code or configuration files

Verify Fix Applied:

Verify that SQL injection payloads no longer work and that parameterized queries are implemented

📡 Detection & Monitoring

Log Indicators:

  • Unusual SQL error messages in application logs
  • Multiple failed login attempts following SQL injection patterns
  • Requests with SQL keywords in parameters

Network Indicators:

  • HTTP requests containing SQL injection patterns to vulnerable endpoints
  • Unusual database query patterns from application server

SIEM Query:

source="web_logs" AND (uri="*group.php*" OR uri="*profile.php*" OR uri="*company_details.php*") AND (param="*' OR*" OR param="*UNION*" OR param="*SELECT*" OR param="*--*" OR param="*/*")

📊 Metadata

CVE ID: CVE-2017-17580
CVSS v3 Score: 9.8 (CRITICAL)
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CWE: CWE-89
Published: December 13, 2017
Last Updated: April 20, 2025

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2017-17580, you might also want to check these:

CVE-2024-8522 10.0

This vulnerability allows unauthenticated attackers to perform SQL injection attacks on WordPress si...

Same vulnerability type (CWE-89)
CVE-2024-13152 10.0

This SQL injection vulnerability in BSS Software's Mobuy Online Machinery Monitoring Panel allows at...

Same vulnerability type (CWE-89)
CVE-2021-42311 10.0

CVE-2021-42311 is a critical SQL injection vulnerability in Microsoft Defender for IoT that allows r...

Same vulnerability type (CWE-89)