CVE-2017-17587

9.8 CRITICAL

📋 TL;DR

This vulnerability allows attackers to execute arbitrary SQL commands through multiple parameters in FS Indiamart Clone 1.0. Successful exploitation could lead to data theft, authentication bypass, or complete system compromise. Anyone running this specific e-commerce clone software is affected.

💻 Affected Systems

Products:
  • FS Indiamart Clone
Versions: 1.0
Operating Systems: All platforms running PHP/MySQL
Default Config Vulnerable: ⚠️ Yes
Notes: Vulnerability exists in multiple endpoints: catcompany.php, buyleads-details.php, and company/index.php

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete database compromise allowing data exfiltration, authentication bypass, privilege escalation, and potential remote code execution through database functions.

🟠 Likely Case

Unauthorized access to sensitive business data including customer information, transaction records, and company details stored in the database.

🟢 If Mitigated

Limited impact with proper input validation and database permission restrictions, potentially only allowing data viewing without modification.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: CONFIRMED
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Multiple public exploit scripts are available. Exploitation requires no authentication and uses simple SQL injection techniques.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: None available

Restart Required: No

Instructions:

No official patch available. Consider replacing with secure software or implementing custom fixes.

🔧 Temporary Workarounds

Input Validation and Parameterized Queries

all

Implement proper input validation and use prepared statements/parameterized queries for all database operations

Web Application Firewall (WAF)

all

Deploy WAF with SQL injection protection rules to block malicious requests

🧯 If You Can't Patch

  • Isolate the application behind a reverse proxy with strict input filtering
  • Implement database-level controls: minimal privileges, stored procedures, and regular auditing

🔍 How to Verify

Check if Vulnerable:

Test parameters with SQL injection payloads:

  • catcompany.php?token=1' OR '1'='1
  • buyleads-details.php?id=1' OR '1'='1
  • company/index.php?c=1' OR '1'='1

Check Version:

Check software version in admin panel or configuration files

Verify Fix Applied:

Verify that SQL injection payloads no longer return database errors or unexpected data

📡 Detection & Monitoring

Log Indicators:

  • Unusual SQL syntax in URL parameters
  • Multiple failed login attempts from single IP
  • Database error messages in application logs

Network Indicators:

  • HTTP requests containing SQL keywords (SELECT, UNION, etc.) in parameters
  • Unusual database query patterns

SIEM Query:

source="web_logs" AND (url="*catcompany.php*" OR url="*buyleads-details.php*" OR url="*company/index.php*") AND (param="*' OR*" OR param="*UNION*" OR param="*SELECT*" OR param="*--*" OR param="*/*")
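
The same detection applied directly to web server access logs, as an added example that is not part of the original advisory. It percent-decodes each query string first, so URL-encoded quotes and keywords that a raw wildcard match would miss are still caught. The combined log format, the regex heuristics, and the sample lines are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Endpoint -> parameter, as listed in the "How to Verify" section of this page.
WATCHED = {
    "catcompany.php": "token",
    "buyleads-details.php": "id",
    "company/index.php": "c",
}

# Heuristic markers (assumption): quotes, SQL comments, keywords, boolean tests.
SQLI = re.compile(
    r"['\"]|--|/\*|\b(?:union|select|sleep|benchmark|information_schema)\b"
    r"|\b(?:or|and)\b\s+\S+\s*=",
    re.IGNORECASE,
)
# Combined log format (assumption): client IP first, request line in quotes.
REQUEST = re.compile(r'^(?P<ip>\S+) .*?"(?:GET|POST|HEAD) (?P<target>\S+) HTTP/[\d.]+"')

# Constructed sample lines using documentation-range IP addresses.
SAMPLE_LOG = [
    '192.0.2.10 - - [01/Jan/2024:10:00:00 +0000] "GET /catcompany.php?token=42 HTTP/1.1" 200 512 "-" "Mozilla/5.0"',
    '198.51.100.7 - - [01/Jan/2024:10:00:05 +0000] "GET /buyleads-details.php?id=1%27%20OR%20%271%27%3D%271 HTTP/1.1" 200 9000 "-" "curl/8.0"',
    '198.51.100.7 - - [01/Jan/2024:10:00:09 +0000] "GET /company/index.php?c=1+UNION+SELECT+1 HTTP/1.1" 500 120 "-" "curl/8.0"',
    '192.0.2.10 - - [01/Jan/2024:10:00:12 +0000] "GET /index.php?q=select+a+plan HTTP/1.1" 200 300 "-" "Mozilla/5.0"',
]

def suspicious_requests(lines):
    """Return (ip, endpoint, param, decoded_value) for each flagged request."""
    hits = []
    for line in lines:
        m = REQUEST.match(line)
        if not m:
            continue  # not a parseable access-log line
        url = urlsplit(m.group("target"))
        for endpoint, param in WATCHED.items():
            if not url.path.endswith("/" + endpoint):
                continue
            # parse_qsl percent-decodes, so %27 and + are seen as ' and space.
            for name, value in parse_qsl(url.query, keep_blank_values=True):
                if name == param and SQLI.search(value):
                    hits.append((m.group("ip"), endpoint, name, value))
    return hits

if __name__ == "__main__":
    for hit in suspicious_requests(SAMPLE_LOG):
        print(hit)
```

Only the three affected endpoints and their named parameters are inspected, so the keyword in the unrelated `/index.php?q=...` request is not flagged.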
