CVE-2020-25990 – This SQL injection vulnerability in WebsiteBake... (How to Fix)

Q: What is the severity of CVE-2020-25990?

CVE-2020-25990 has a CVSS score of 9.8 (CRITICAL). This SQL injection vulnerability in WebsiteBaker 2.12.2 allows attackers to execute arbitrary SQL commands via the 'display_name' parameter in the preferences save function. Attackers can potentially access, modify, or delete database content, including user credentials and sensitive application data. All systems running vulnerable versions of WebsiteBaker are affected.

📋 TL;DR

This SQL injection vulnerability in WebsiteBaker 2.12.2 allows attackers to execute arbitrary SQL commands via the 'display_name' parameter in the preferences save function. Attackers can potentially access, modify, or delete database content, including user credentials and sensitive application data. All systems running vulnerable versions of WebsiteBaker are affected.

💻 Affected Systems

Products:

WebsiteBaker CMS

Versions: 2.12.2 and possibly earlier versions

Operating Systems: All

Default Config Vulnerable: ⚠️ Yes

Notes: Requires admin access to reach the vulnerable endpoint /websitebaker/admin/preferences/save.php

📦 What is this software?

Websitebaker by Websitebaker

View all CVEs affecting Websitebaker →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete database compromise leading to data theft, data destruction, privilege escalation to admin, and potential remote code execution via database functions.

🟠

Likely Case

Unauthorized data access and modification, credential theft, and potential administrative access to the WebsiteBaker application.

🟢

If Mitigated

Limited impact with proper input validation and parameterized queries preventing SQL injection.

🌐 Internet-Facing: HIGH

🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes

Weaponized: LIKELY

Unauthenticated Exploit: ✅ No

Complexity: LOW

Exploit requires admin authentication but SQL injection is straightforward once authenticated.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 2.12.3 or later

Vendor Advisory: https://websitebaker.org/pages/en/home.php

Restart Required: No

Instructions:

1. Backup your WebsiteBaker installation and database. 2. Download the latest version from websitebaker.org. 3. Replace all files with the new version. 4. Run any database update scripts if provided.

🔧 Temporary Workarounds

Input Validation Filter

all

Add input validation to sanitize the display_name parameter before processing

Modify /websitebaker/admin/preferences/save.php to validate display_name input

WAF Rule

all

Implement web application firewall rules to block SQL injection patterns

Add WAF rule to detect and block SQL injection attempts on display_name parameter

🧯 If You Can't Patch

Restrict access to /websitebaker/admin/ directory to trusted IP addresses only
Implement strong authentication controls and monitor admin account activity

🔍 How to Verify

Check if Vulnerable:

Check if WebsiteBaker version is 2.12.2 or earlier and review /websitebaker/admin/preferences/save.php for unsanitized display_name parameter usage

Check Version:

Check /websitebaker/framework/CHANGELOG.txt or admin interface for version information

Verify Fix Applied:

Verify version is 2.12.3 or later and test that display_name parameter is properly sanitized

📡 Detection & Monitoring

Log Indicators:

Unusual SQL queries in database logs
Multiple failed login attempts followed by admin access
Suspicious activity in /websitebaker/admin/preferences/save.php

Network Indicators:

POST requests to /websitebaker/admin/preferences/save.php with SQL injection patterns in display_name parameter

SIEM Query:

source="web_logs" AND uri="/websitebaker/admin/preferences/save.php" AND (display_name CONTAINS "' OR" OR display_name CONTAINS "UNION" OR display_name CONTAINS "SELECT" OR display_name CONTAINS "--")

📊 Metadata

CVE ID: CVE-2020-25990

CVSS v3 Score: 9.8 (CRITICAL)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE: CWE-89

Published: October 1, 2020

Last Updated: November 21, 2024

🔗 References

https://websitebaker.org/pages/en/home.php Product,Vendor Advisory
https://www.exploit-db.com/exploits/48849 Exploit,Third Party Advisory,VDB Entry
https://websitebaker.org/pages/en/home.php Product,Vendor Advisory
https://www.exploit-db.com/exploits/48849 Exploit,Third Party Advisory,VDB Entry

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2020-25990, you might also want to check these: