Login Sign Up

CVE-2018-17048

7.5 HIGH
SQL Injection

📋 TL;DR

This SQL injection vulnerability in FDCMS 4.2 allows attackers to execute arbitrary SQL commands through the admin/Lib/Action/FpluginAction.class.php component. This affects all installations of FDCMS 4.2 that have the vulnerable file present. Attackers could potentially access, modify, or delete database content.

💻 Affected Systems

Products:
  • FDCMS (Fangfa Content Manage System)
Versions: 4.2
Operating Systems: All
Default Config Vulnerable: ⚠️ Yes
Notes: Requires admin access to exploit the vulnerable FpluginAction.class.php file.

📦 What is this software?

Fdcms by Fangfa

View all CVEs affecting Fdcms →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete database compromise leading to data theft, data destruction, or full system takeover via subsequent attacks.

🟠

Likely Case

Unauthorized data access, privilege escalation, or data manipulation in the CMS database.

🟢

If Mitigated

Limited impact with proper input validation and database permissions restricting damage to non-critical data.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires admin-level access to the CMS. SQL injection techniques are well-documented and easily weaponized.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Check GitHub commits for fixes

Vendor Advisory: http://www.fangfacms.com/

Restart Required: No

Instructions:

1. Check the GitHub repository for security commits. 2. Apply input validation/sanitization to FpluginAction.class.php. 3. Update to a patched version if available.

🔧 Temporary Workarounds

Input Validation Implementation

all

Add parameter validation and SQL injection prevention to the vulnerable file

Edit admin/Lib/Action/FpluginAction.class.php to implement prepared statements or parameterized queries

Access Restriction

all

Restrict access to admin functionality

Configure web server to restrict access to admin directory
Implement IP whitelisting for admin panel

🧯 If You Can't Patch

  • Implement web application firewall (WAF) with SQL injection rules
  • Isolate the CMS system from sensitive networks and databases

🔍 How to Verify

Check if Vulnerable:

Check if admin/Lib/Action/FpluginAction.class.php exists and contains unsanitized SQL queries

Check Version:

Check CMS version in configuration files or admin panel

Verify Fix Applied:

Verify that input parameters are properly validated and SQL queries use prepared statements

📡 Detection & Monitoring

Log Indicators:

  • Unusual SQL queries in database logs
  • Multiple failed login attempts to admin panel
  • Unexpected database schema changes

Network Indicators:

  • SQL error messages in HTTP responses
  • Unusual database connection patterns from web server

SIEM Query:

source="web_logs" AND ("sql" OR "database" OR "select" OR "union") AND status=200 AND uri="*/admin/*"

📊 Metadata

CVE ID: CVE-2018-17048
CVSS v3 Score: 7.5 (HIGH)
CVSS Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
CWE: CWE-89
Published: May 16, 2019
Last Updated: November 21, 2024

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2018-17048, you might also want to check these:

CVE-2024-8522 10.0

This vulnerability allows unauthenticated attackers to perform SQL injection attacks on WordPress si...

Same vulnerability type (CWE-89)
CVE-2024-13152 10.0

This SQL injection vulnerability in BSS Software's Mobuy Online Machinery Monitoring Panel allows at...

Same vulnerability type (CWE-89)
CVE-2021-42311 10.0

CVE-2021-42311 is a critical SQL injection vulnerability in Microsoft Defender for IoT that allows r...

Same vulnerability type (CWE-89)