CVE-2017-17892
📋 TL;DR
This vulnerability allows attackers to execute arbitrary SQL commands through the 'chnlid' parameter in viewsubs.php or the 'search' parameter in search_video.php in Readymade Video Sharing Script. This affects all deployments of the vulnerable script versions, potentially exposing database contents and enabling further system compromise.
💻 Affected Systems
- Readymade Video Sharing Script
📦 What is this software?
Readymade Video Sharing Script by Readymade Video Sharing Script Project
⚠️ Risk & Real-World Impact
Worst Case
Complete database compromise leading to data theft, authentication bypass, remote code execution, and full system takeover.
Likely Case
Database information disclosure, including user credentials, personal data, and administrative access.
If Mitigated
Limited impact with proper input validation and database permissions restricting damage to non-sensitive data.
🎯 Exploit Status
SQL injection via URL parameters requires minimal technical skill. Public proof-of-concept demonstrates exploitation.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Unknown
Vendor Advisory: Not available
Restart Required: No
Instructions:
1. Replace vulnerable files with patched versions if available. 2. Manually implement parameterized queries or input validation. 3. Remove or disable vulnerable scripts if not needed.
🔧 Temporary Workarounds
Input Validation Filter
allAdd input validation to filter SQL injection attempts in vulnerable parameters
Modify viewsubs.php and search_video.php to sanitize chnlid and search parameters using preg_replace('/[^a-zA-Z0-9]/', '', $input)
Web Application Firewall Rule
allBlock SQL injection patterns at the WAF level
Add WAF rule to block requests containing SQL keywords in chnlid or search parameters
🧯 If You Can't Patch
- Implement network segmentation to isolate the vulnerable system
- Deploy a web application firewall with SQL injection protection rules
🔍 How to Verify
Check if Vulnerable:
Test by appending SQL injection payloads to chnlid or search parameters (e.g., viewsubs.php?chnlid=1' OR '1'='1)Check Version:
Check script version in admin panel or source code commentsVerify Fix Applied:
Attempt SQL injection tests and verify they are blocked or sanitized📡 Detection & Monitoring
Log Indicators:
- Unusual SQL errors in web server logs
- Multiple requests with SQL keywords in parameters
- Long parameter values in chnlid or search fields
Network Indicators:
- HTTP requests containing SQL injection patterns in query strings
- Unusual database connection patterns from web server
SIEM Query:
source="web_logs" AND (url="*viewsubs.php*" OR url="*search_video.php*") AND (query="*' OR*" OR query="*UNION*" OR query="*SELECT*" OR query="*INSERT*")