CVE-2017-17634

9.8 CRITICAL

📋 TL;DR

CVE-2017-17634 is a critical SQL injection vulnerability in Single Theater Booking Script 3.2.1 that allows attackers to execute arbitrary SQL commands via the findcity.php q parameter. This affects all deployments of this specific booking script version, potentially exposing database contents including user credentials and payment information.

💻 Affected Systems

Products:
  • Single Theater Booking Script
Versions: 3.2.1
Operating Systems: Any OS running PHP
Default Config Vulnerable: ⚠️ Yes
Notes: Affects all installations of version 3.2.1 regardless of configuration.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete database compromise leading to data theft, authentication bypass, remote code execution, and full system takeover.

🟠 Likely Case

Database information disclosure including user credentials, personal data, and potentially payment information.

🟢 If Mitigated

Limited impact with proper input validation and parameterized queries preventing SQL injection.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: CONFIRMED
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Multiple public exploit scripts available with simple HTTP requests.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: Not available

Restart Required: No

Instructions:

No official patch available. Consider upgrading to a newer version if available or implementing workarounds.

🔧 Temporary Workarounds

Input Validation and Sanitization

all

Add input validation and parameterized queries to findcity.php

Modify findcity.php to use prepared statements with PDO or mysqli

Web Application Firewall (WAF)

all

Deploy WAF rules to block SQL injection patterns

Configure WAF to block SQL injection patterns in POST/GET parameters

🧯 If You Can't Patch

  • Implement network segmentation to isolate the vulnerable system
  • Deploy intrusion detection systems to monitor for exploitation attempts

🔍 How to Verify

Check if Vulnerable:

Test findcity.php with SQL injection payloads like ' OR '1'='1 in q parameter

Check Version:

Check script version in admin panel or configuration files

Verify Fix Applied:

Test with SQL injection payloads after implementing parameterized queries

📡 Detection & Monitoring

Log Indicators:

  • Unusual SQL error messages in web logs
  • Multiple requests to findcity.php with SQL keywords

Network Indicators:

  • HTTP requests to findcity.php containing SQL injection patterns

SIEM Query:

source="web_logs" AND uri="*findcity.php*" AND (query="*OR*" OR query="*UNION*" OR query="*SELECT*" OR query="*INSERT*")
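
An added example (not part of the original advisory): a Python filter that applies the log indicators above to access-log lines. It assumes Apache/nginx combined log format, and the sample lines are constructed. Unlike a substring match such as `*OR*`, it URL-decodes `q` and matches keywords as whole words, so a search for "New York" is not flagged.

```python
import re
from urllib.parse import urlsplit, parse_qs, unquote_plus

# Assumption: combined log format -> client ... "METHOD URI HTTP/x.y" status
REQUEST_RE = re.compile(r'^(\S+) .*?"[A-Z]+ (\S+) HTTP/[\d.]+" (\d{3})')
# Keywords from the SIEM query, matched as whole words only
KEYWORD_RE = re.compile(r"\b(or|union|select|insert)\b", re.IGNORECASE)
# Quote and comment characters that a city-name search should not contain
META_RE = re.compile(r"['\"]|--|/\*")


def inspect_line(line):
    """Return (client, status, reasons) for a suspicious findcity.php request, else None."""
    m = REQUEST_RE.match(line)
    if not m:
        return None
    client, uri, status = m.groups()
    parts = urlsplit(uri)
    if not parts.path.lower().endswith("/findcity.php"):
        return None
    reasons = set()
    for value in parse_qs(parts.query, keep_blank_values=True).get("q", []):
        decoded = unquote_plus(value)  # second decoding pass catches double encoding
        reasons.update("keyword:" + k.lower() for k in KEYWORD_RE.findall(decoded))
        if META_RE.search(decoded):
            reasons.add("sql-metacharacter")
    return (client, int(status), sorted(reasons)) if reasons else None


def scan(lines):
    """Return the hits for every suspicious line, in log order."""
    return [hit for hit in map(inspect_line, lines) if hit]


# Constructed sample log lines (documentation IP ranges, not real traffic)
SAMPLE_LOG = [
    '203.0.113.5 - - [10/Jan/2018:10:00:01 +0000] "GET /findcity.php?q=New+York HTTP/1.1" 200 512',
    '203.0.113.9 - - [10/Jan/2018:10:00:07 +0000] "GET /findcity.php?q=x%27%20OR%20%271%27%3D%271 HTTP/1.1" 200 9841',
    '203.0.113.9 - - [10/Jan/2018:10:00:09 +0000] "GET /findcity.php?q=1%20UnIoN%20SeLeCt%20NULL HTTP/1.1" 500 120',
    '198.51.100.2 - - [10/Jan/2018:10:01:00 +0000] "GET /index.php?q=select+seats HTTP/1.1" 200 300',
]

if __name__ == "__main__":
    for client, status, reasons in scan(SAMPLE_LOG):
        print(client, status, ", ".join(reasons))
```

Access logs normally record only the query string, so requests that carry `q` in a POST body need request-body logging or WAF logs to be covered.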
