CVE-2023-29881

6.5 MEDIUM

📋 TL;DR

CVE-2023-29881 is an SQL injection vulnerability in phpok 6.4.003 that allows attackers to execute arbitrary SQL commands through the index_f() function. This affects all users running the vulnerable version of phpok, potentially leading to data theft, modification, or deletion.

💻 Affected Systems

Products:
  • phpok
Versions: 6.4.003
Operating Systems: All
Default Config Vulnerable: ⚠️ Yes
Notes: Specifically affects the index_f() function in phpok64/framework/api/call_control.php

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete database compromise including data exfiltration, data destruction, or privilege escalation leading to full system takeover.

🟠 Likely Case

Unauthorized data access, data manipulation, or extraction of sensitive information from the database.

🟢 If Mitigated

Limited impact with proper input validation, parameterized queries, and database permission restrictions in place.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

SQL injection vulnerabilities are commonly exploited, and weaponized tooling for this one likely exists.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 6.4.004 or later

Vendor Advisory: https://github.com/qinggan/phpok/issues/15

Restart Required: No

Instructions:

1. Back up your current installation.
2. Download the latest version from the official repository.
3. Replace vulnerable files with patched versions.
4. Test functionality.

🔧 Temporary Workarounds

Input Validation Filter (applies to: all)

Add input validation to sanitize user inputs before processing: modify phpok64/framework/api/call_control.php to validate and sanitize all user inputs.

WAF Rule Implementation (applies to: all)

Deploy web application firewall rules that detect and block SQL injection patterns.

🧯 If You Can't Patch

  • Implement strict input validation and parameterized queries in the vulnerable function
  • Restrict database user permissions to minimum required access

🔍 How to Verify

Check if Vulnerable:

Check whether the installation is running phpok version 6.4.003 and examine the index_f() function in call_control.php for missing input sanitization.

Check Version:

Check phpok configuration files or admin panel for version information

Verify Fix Applied:

Verify that the version is 6.4.004 or later and confirm that SQL injection attempts are blocked.

📡 Detection & Monitoring

Log Indicators:

  • Unusual database queries
  • SQL syntax errors in logs
  • Multiple failed login attempts from same IP

Network Indicators:

  • SQL keywords in HTTP requests
  • Unusual parameter values in API calls

SIEM Query:

source="web_logs" AND ("UNION" OR "SELECT" OR "INSERT" OR "UPDATE" OR "DELETE" OR "DROP" OR "--" OR "' OR '1'='1")
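The SIEM query above matches bare words such as SELECT or DELETE anywhere in a web log, which will also fire on ordinary page titles and search terms. The following added example (not part of this advisory, and not phpok project code) shows a tighter version of the same detection: it pulls the request target out of each access-log line, URL-decodes it, and only flags SQL keywords when they appear in an injection context (a UNION followed by SELECT, a quote-delimited tautology, a trailing SQL comment, or a DML/DDL statement with a table reference). The log lines, the `/api.php?c=index_f` request shape and the IP addresses are constructed for the example and are not taken from real phpok traffic; the naive keyword matcher is included only to show the false positive it produces.

```python
import re
from urllib.parse import unquote_plus

# Constructed sample access-log lines (hypothetical; not real phpok traffic).
SAMPLE_LOGS = [
    '10.0.0.5 - - [01/May/2023:10:00:01 +0000] "GET /api.php?c=index_f&id=12 HTTP/1.1" 200 512',
    '10.0.0.5 - - [01/May/2023:10:00:02 +0000] "GET /api.php?c=index_f&id=12%27%20OR%20%271%27%3D%271 HTTP/1.1" 200 9032',
    '10.0.0.9 - - [01/May/2023:10:00:03 +0000] "GET /api.php?c=index_f&id=1%20UNION%20SELECT%201,2,3-- HTTP/1.1" 500 210',
    '10.0.0.7 - - [01/May/2023:10:00:04 +0000] "GET /page.php?title=select+your+delete+option HTTP/1.1" 200 300',
]

# Request line inside a combined-format access log: "<METHOD> <target> HTTP/x.y"
REQUEST_RE = re.compile(r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/')

# The keyword list from the SIEM query, used as-is for comparison.
NAIVE_KEYWORDS = ["UNION", "SELECT", "INSERT", "UPDATE", "DELETE", "DROP", "--", "' OR '1'='1"]

# Context-aware patterns, applied to the URL-decoded request target.
SQLI_PATTERNS = [
    (re.compile(r"\bunion\b(\s+all)?\s+select\b", re.IGNORECASE), "union-select"),
    (re.compile(r"'\s*(?:or|and)\s+'?\w*'?\s*=", re.IGNORECASE), "tautology"),
    (re.compile(r"--(\s|$)"), "sql-comment"),
    (re.compile(r"\b(?:drop|alter|truncate)\s+table\b|\bdelete\s+from\b|\binsert\s+into\b|\bupdate\s+\w+\s+set\b",
                re.IGNORECASE), "dml-ddl"),
]


def extract_target(line):
    """Return the request target (path + query) from an access-log line, or None."""
    m = REQUEST_RE.search(line)
    return m.group("target") if m else None


def naive_keyword_match(line):
    """Approximation of the page's SIEM query: any listed keyword in the decoded target."""
    target = extract_target(line)
    if target is None:
        return False
    decoded = unquote_plus(target).upper()
    return any(kw.upper() in decoded for kw in NAIVE_KEYWORDS)


def classify(target):
    """Return the names of the injection patterns that match the decoded target."""
    decoded = unquote_plus(target)
    return [name for pattern, name in SQLI_PATTERNS if pattern.search(decoded)]


def scan(lines):
    """Run the context-aware detection over log lines; one hit per flagged request."""
    hits = []
    for line in lines:
        target = extract_target(line)
        if target is None:
            continue
        tags = classify(target)
        if tags:
            hits.append({"source": line.split()[0], "target": target, "tags": tags})
    return hits


if __name__ == "__main__":
    for line in SAMPLE_LOGS:
        print(f"naive={naive_keyword_match(line)!s:5} tags={classify(extract_target(line))}")
```

Running it over the sample shows the difference: the naive query flags the harmless `select your delete option` page title along with the two real injection attempts, while the context-aware patterns flag only the tautology and the UNION/comment requests. In a real deployment the decoded target should also be checked against POST bodies and headers, since phpok's API parameters are not limited to the query string.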
