CVE-2020-8519

9.8 CRITICAL

📋 TL;DR

This CVE describes a critical SQL injection vulnerability in the search parameter of Records.php in phpzag's 'Live Add Edit Delete DataTables Records with Ajax PHP MySQL' script. Attackers can execute arbitrary SQL commands, potentially compromising the entire database. Any website using this vulnerable script is affected.

💻 Affected Systems

Products:
  • phpzag Live Add Edit Delete DataTables Records with Ajax PHP MySQL
Versions: All versions prior to patching
Operating Systems: All
Default Config Vulnerable: ⚠️ Yes
Notes: The vulnerability exists in the default installation of the script.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete database compromise leading to data theft, data destruction, authentication bypass, and potential remote code execution via database functions.

🟠 Likely Case

Database information disclosure, data manipulation, and potential privilege escalation.

🟢 If Mitigated

Limited impact with proper input validation, parameterized queries, and database user privilege restrictions.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

SQL injection via search parameter requires minimal technical skill to exploit.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Updated script from phpzag website

Vendor Advisory: https://www.phpzag.com/live-add-edit-delete-datatables-records-with-ajax-php-mysql/

Restart Required: No

Instructions:

1. Download the updated script from phpzag.com
2. Replace the vulnerable Records.php file
3. Test functionality
4. Deploy to production

🔧 Temporary Workarounds

Input Validation Filter (applies to: all)

Add input validation to sanitize the search parameter before processing.

Add input filtering in Records.php: $search = filter_var($_POST['search'], FILTER_SANITIZE_STRING);

WAF Rule (applies to: all)

Implement web application firewall rules to block SQL injection patterns.

ModSecurity rule: SecRule ARGS:search "@detectSQLi" "id:1001,phase:2,deny"

🧯 If You Can't Patch

  • Implement strict input validation and parameterized queries in Records.php
  • Restrict database user permissions to minimum required privileges
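The following is an added example, not phpzag's code, showing what "parameterized queries in Records.php" means in practice. It places the class of bug the advisory describes (the search term concatenated into the SQL text) next to a hardened handler that binds the term as a PDO parameter. The table and column names (records, name, email), the PDO connection details and the assumption that the AJAX front end POSTs a field named search are all assumptions for illustration. Note that the FILTER_SANITIZE_STRING stopgap listed under the workarounds is deprecated as of PHP 8.1 and only strips tags and HTML-encodes quotes; the durable fix is to keep user input out of the query text altogether, which is what the hardened version does.

```php
<?php
// Added example, not phpzag's code. It contrasts the class of bug described
// in the advisory (user input concatenated into SQL) with a prepared-statement
// version. Table and column names (records, name, email) and the PDO
// connection are assumptions for illustration.

declare(strict_types=1);

// --- Assumed vulnerable shape of the search handler ---
// The search term is pasted into the query text, so a quote in the input
// terminates the string literal and whatever follows is parsed as SQL.
function buildSearchSqlUnsafe(string $search): string
{
    return "SELECT id, name, email FROM records WHERE name LIKE '%" . $search . "%'";
}

// --- Hardened replacement ---

// Binding a parameter stops SQL injection, but it does not make LIKE
// metacharacters literal: escape %, _ and the backslash (MySQL's LIKE
// escape character under the default sql_mode) so the user matches
// exactly what they typed.
function escapeLikeWildcards(string $value): string
{
    return addcslashes($value, '%_\\');
}

function searchRecords(PDO $pdo, string $search, int $limit = 50): array
{
    // Cheap length guard (byte length) in front of the database.
    if (strlen($search) > 100) {
        throw new InvalidArgumentException('search term too long');
    }

    // Placeholders are sent to MySQL separately from the query text; with
    // emulated prepares disabled (see connect()) the server does the binding,
    // so nothing in $search can change the statement's structure.
    $stmt = $pdo->prepare(
        'SELECT id, name, email FROM records WHERE name LIKE :term ORDER BY id LIMIT :lim'
    );
    $stmt->bindValue(':term', '%' . escapeLikeWildcards($search) . '%', PDO::PARAM_STR);
    $stmt->bindValue(':lim', $limit, PDO::PARAM_INT);
    $stmt->execute();

    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

function connect(string $dsn, string $user, string $password): PDO
{
    return new PDO($dsn, $user, $password, [
        PDO::ATTR_ERRMODE          => PDO::ERRMODE_EXCEPTION,
        PDO::ATTR_EMULATE_PREPARES => false, // real server-side prepares
    ]);
}

// Wiring into Records.php (assumed: the AJAX front end POSTs a "search" field).
// A read-only MySQL account for this endpoint limits what any remaining bug
// could reach, in line with the advisory's least-privilege recommendation.
if (PHP_SAPI !== 'cli') {
    $pdo  = connect('mysql:host=localhost;dbname=app;charset=utf8mb4', 'app_readonly', getenv('DB_PASSWORD') ?: '');
    $rows = searchRecords($pdo, (string) ($_POST['search'] ?? ''));
    header('Content-Type: application/json');
    echo json_encode($rows);
}
```

Disabling PDO::ATTR_EMULATE_PREPARES matters: with emulation on, PDO quotes values client-side and the LIMIT placeholder would be sent as a quoted string, which MySQL rejects; with native prepares the integer binding works and the server never sees the search term as part of the SQL text.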

🔍 How to Verify

Check if Vulnerable:

Test search parameter with SQL injection payloads like ' OR '1'='1

Check Version:

Check file modification dates and compare with known vulnerable versions

Verify Fix Applied:

Test with same payloads and verify they are properly sanitized or rejected

📡 Detection & Monitoring

Log Indicators:

  • Unusual SQL queries in database logs
  • Multiple failed login attempts after search queries
  • Suspicious search parameters containing SQL keywords

Network Indicators:

  • HTTP POST requests to Records.php with SQL injection patterns in search parameter

SIEM Query:

source="web_logs" AND uri="/Records.php" AND (search="*OR*" OR search="*UNION*" OR search="*SELECT*" OR search="*INSERT*")
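The following is an added example, not part of the advisory, that applies the same logic as the SIEM query above to log lines offline. One caveat first: the search field travels in the POST body, and a standard web server access log records only the request line, so the SIEM query only has something to match if a reverse proxy, ModSecurity audit log or the application itself records request bodies. The log format below is constructed for this example on that assumption, and the sample lines use RFC 5737 documentation addresses. The wildcard match in the SIEM query (*OR*) also fires on ordinary names such as "taylor"; the pattern here uses word boundaries and the quote-then-keyword form to keep the signal while dropping that noise.

```php
<?php
// Added example, not part of the advisory: the SIEM logic applied to log
// lines offline. The log format is constructed for this example and assumes
// a proxy or ModSecurity audit log that records the URL-encoded POST body;
// a standard access log keeps only the request line, so the "search" field
// of a POST never appears in it.

declare(strict_types=1);

// Constructed sample log (RFC 5737 documentation addresses).
const SAMPLE_LOG = <<<'LOG'
2020-02-01T10:00:01Z 203.0.113.5 POST /Records.php body=action=search&search=alice
2020-02-01T10:00:07Z 203.0.113.5 POST /Records.php body=action=search&search=taylor
2020-02-01T10:00:12Z 198.51.100.9 POST /Records.php body=action=search&search=%27+OR+%271%27%3D%271
2020-02-01T10:00:15Z 198.51.100.9 POST /Records.php body=action=search&search=x%27+UNION+SELECT+1%2C2%2C3--+
2020-02-01T10:00:20Z 192.0.2.7 GET /index.php body=
LOG;

// Word-bounded SQL keywords, a quote followed by OR/AND, or a SQL comment
// opener. The advisory's wildcard match (*OR*) would also flag "taylor".
const SQLI_PATTERN = '/(\b(UNION|SELECT|INSERT|UPDATE|DELETE|DROP|SLEEP|BENCHMARK)\b|\'\s*(OR|AND)\b|--\s|\/\*)/i';

function parseLine(string $line): ?array
{
    if (!preg_match('/^(\S+) (\S+) (\S+) (\S+) body=(.*)$/', $line, $m)) {
        return null;
    }
    parse_str($m[5], $params); // URL-decodes the body into an array
    return [
        'time'   => $m[1],
        'ip'     => $m[2],
        'method' => $m[3],
        'uri'    => $m[4],
        'search' => isset($params['search']) ? (string) $params['search'] : null,
    ];
}

function isSuspiciousSearch(string $search): bool
{
    return preg_match(SQLI_PATTERN, $search) === 1;
}

// Returns the entries that hit Records.php with an injection-like search term.
function findSuspiciousSearches(string $log): array
{
    $hits = [];
    foreach (preg_split('/\R/', trim($log)) as $line) {
        $entry = parseLine($line);
        if ($entry === null || $entry['uri'] !== '/Records.php' || $entry['search'] === null) {
            continue;
        }
        if (isSuspiciousSearch($entry['search'])) {
            $hits[] = $entry;
        }
    }
    return $hits;
}

if (PHP_SAPI === 'cli') {
    foreach (findSuspiciousSearches(SAMPLE_LOG) as $hit) {
        printf("%s %s search=%s\n", $hit['time'], $hit['ip'], $hit['search']);
    }
}
```

Run it with the PHP CLI; of the constructed lines, only the two from 198.51.100.9 are reported, while "alice" and "taylor" pass. Because parse_str URL-decodes the body, the check runs on the value the application actually received rather than on the encoded wire form, which is what a wildcard match on the raw log line would see.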
