CVE-2025-61167
📋 TL;DR
SIGB PMB v8.0.1.14 contains SQL injection vulnerabilities in the /opac_css/ajax_selector.php component via the id and datas parameters. Values taken from the request are placed into SQL queries without proper validation or parameter binding, so an attacker can inject arbitrary SQL into the queries the application runs against its database. /opac_css/ is PMB's public catalogue (OPAC) interface, so the endpoint is typically reachable by anonymous catalogue users rather than only by logged-in staff. Organizations running this version of the PMB library management software are affected.
💻 Affected Systems
- SIGB PMB
📦 What is this software?
PMB (SIGB PMB, from the French "système intégré de gestion de bibliothèque") is a free, open-source integrated library system from PMB Services (sigb.net), written in PHP on a MySQL/MariaDB database. It provides a staff back office and a public catalogue (OPAC) served from the /opac_css/ directory, which is where the vulnerable ajax_selector.php lives.
⚠️ Risk & Real-World Impact
Worst Case
Complete compromise of the PMB database: theft of patron and staff records, manipulation or deletion of catalogue data, takeover of staff accounts via extracted credential hashes, and potential arbitrary file read/write or code execution if the database account PMB connects with has been granted privileges such as MySQL FILE.
Likely Case
Unauthorized data access, extraction of sensitive information from the database, and potential authentication bypass.
If Mitigated
Limited impact with proper input validation, parameterized queries, and database permissions restricting dangerous operations.
🎯 Exploit Status
SQL injection is well understood and easily weaponized with off-the-shelf tools such as sqlmap, so a public endpoint with a known injectable parameter should be treated as exploitable in practice. The gist.github.com reference cited for this CVE contains the technical details.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Check vendor changelog for versions after v8.0.1.14
Vendor Advisory: https://forge.sigb.net/projects/pmb/wiki/Changelog_801#S%C3%A9curit%C3%A9-2
Restart Required: No
Instructions:
1. Check the vendor changelog (linked above) for the patched version.
2. Back up the database and the application files.
3. Upgrade to the patched version.
4. Test functionality, including the OPAC pages that call ajax_selector.php.
🔧 Temporary Workarounds
Input Validation Filter
Add allow-list validation for the id and datas parameters (for example, require id to be a decimal integer and datas to match the fixed set of selector names the page expects) rather than trying to strip "malicious SQL characters"; blocklists of quotes and keywords are routinely bypassed.
Modify ajax_selector.php to validate the parameters before they reach any database query, and bind them with prepared statements (PDO or mysqli) rather than concatenating them into the query text.
Web Application Firewall
Deploy a WAF with SQL injection rules to block malicious requests.
Configure the WAF to inspect URL-decoded parameter values on /opac_css/ajax_selector.php, since encoded and double-encoded payloads bypass naive pattern matching. A WAF reduces exposure but is not a substitute for the vendor patch.
🧯 If You Can't Patch
- Implement strict input validation and parameterized queries in the vulnerable component (this is effectively a local patch; keep the change under version control so it survives the next upgrade)
- Restrict network access to the PMB application with firewall rules, or at least to the /opac_css/ path if the public catalogue is not required externally
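As an added illustration of the workarounds above (this is not PMB's own code, and the real logic of ajax_selector.php is not shown on this page), the following Python uses sqlite3 with a constructed selector_items table as a stand-in for PMB's MySQL backend. It contrasts a query assembled by string concatenation from the id and datas values with a version that binds parameters and allow-lists the inputs; the table, rows, selector names and function names are all invented for the demo. In PHP the equivalent change is moving to PDO or mysqli prepared statements.

```python
"""Vulnerable vs. hardened handling of id/datas lookups, demonstrated with
sqlite3 as a stand-in for PMB's MySQL backend. Added example; the table,
rows, selector names and function names are constructed for the demo."""
import re
import sqlite3

ALLOWED_KINDS = ("auteur", "editeur")   # assumed selector names for the demo


def make_db() -> sqlite3.Connection:
    """Constructed sample data: one lookup table plus a 'users' table that an
    attacker would want to read through the injection."""
    conn = sqlite3.connect(":memory:")
    conn.executescript("""
        CREATE TABLE selector_items (item_id INTEGER, kind TEXT, label TEXT);
        INSERT INTO selector_items VALUES (1, 'auteur',  'Hugo, Victor');
        INSERT INTO selector_items VALUES (2, 'auteur',  'Zola, Emile');
        INSERT INTO selector_items VALUES (3, 'editeur', 'Gallimard');
        CREATE TABLE users (login TEXT, pwd_hash TEXT);
        INSERT INTO users VALUES ('admin', '$2y$10$secret');
    """)
    return conn


def lookup_vulnerable(conn, item_id: str, kind: str) -> list:
    """Query text assembled from raw request values: the classic SQLi pattern."""
    sql = ("SELECT label FROM selector_items WHERE item_id = " + item_id
           + " AND kind = '" + kind + "'")
    return [row[0] for row in conn.execute(sql)]


def lookup_parameterized(conn, item_id: str, kind: str) -> list:
    """Same query with bound parameters: the values are never parsed as SQL,
    so a payload is only ever compared as a literal and matches nothing."""
    sql = "SELECT label FROM selector_items WHERE item_id = ? AND kind = ?"
    return [row[0] for row in conn.execute(sql, (item_id, kind))]


def validate_params(item_id: str, kind: str) -> bool:
    """Allow-list validation: id must be a short decimal integer and datas one
    of the expected selector names. Blocklisting quotes or keywords is not
    enough; this rejects anything that is not well-formed at all."""
    return bool(re.fullmatch(r"\d{1,10}", item_id)) and kind in ALLOWED_KINDS


def lookup_hardened(conn, item_id: str, kind: str) -> list:
    """Defence in depth: validate first, then bind."""
    if not validate_params(item_id, kind):
        raise ValueError("rejected id/datas value")
    return lookup_parameterized(conn, item_id, kind)


if __name__ == "__main__":
    db = make_db()
    tautology = "0 OR 1=1 --"                          # in id: returns every row
    union = "x' UNION SELECT pwd_hash FROM users --"   # in datas: reads users
    print(lookup_vulnerable(db, tautology, "auteur"))      # all three labels
    print(lookup_vulnerable(db, "0", union))               # the admin hash
    print(lookup_parameterized(db, tautology, "auteur"))   # []
    print(lookup_parameterized(db, "0", union))            # []
    print(validate_params(tautology, "auteur"))            # False
```

The parameterized version alone stops the injection; the allow-list is added because it also rejects malformed input early, which keeps the application's error handling (and your logs) clean and gives a WAF something simple to enforce.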
🔍 How to Verify
Check if Vulnerable:
On a test instance (not production), send non-destructive SQL injection probes in the id and datas parameters of ajax_selector.php, for example a pair of boolean conditions that should produce identical and differing responses if the input is interpreted as SQL, and compare responses and application error logs. Database error messages, response differences that track the injected condition, or measurable delays from time-based probes indicate the parameters are injectable.
Check Version:
Check PMB version in admin interface or configuration files
Verify Fix Applied:
Repeat the same probes after patching: responses should no longer vary with the injected condition, no database errors should appear in the application logs, and malformed values should be rejected or treated as literal input rather than executed.
📡 Detection & Monitoring
Log Indicators:
- MySQL/MariaDB syntax errors in the PHP or application error log (or HTTP 500 responses) for requests to ajax_selector.php
- Unusual queries from the PMB database user in the MySQL general or slow query log, such as UNION SELECT, SLEEP(), or reads of information_schema
- Multiple requests to ajax_selector.php from one source with varying id or datas values, especially from scanner user agents
Network Indicators:
- HTTP requests to /opac_css/ajax_selector.php whose id or datas parameters contain SQL keywords, quotes or comment sequences after URL-decoding
- Unusual database traffic patterns, such as long-running queries or large result sets tied to OPAC requests
SIEM Query (field names are generic placeholders; adapt them to your log schema and make sure the parameter field is matched after URL-decoding, otherwise encoded payloads such as %27 or %55NION are missed):
web.url:*ajax_selector.php* AND (web.param:*UNION* OR web.param:*SELECT* OR web.param:*INSERT* OR web.param:*DELETE* OR web.param:*SLEEP(* OR web.param:*'* OR web.param:*--*)
Expect some false positives from legitimate search terms; triage by source IP and request rate rather than on a single hit.
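The detection logic above, as an added example that is not from this page or from PMB: a Python scanner over constructed Apache/Nginx combined-format access-log lines (the IPs, timestamps, user agents and requests are invented). It does what a naive SIEM string match cannot: it URL-decodes the id and datas values, including double-encoded payloads, before matching, and counts hits per source IP so repeated probing stands out.

```python
"""Scan web-server access logs for SQL injection probes against PMB's
/opac_css/ajax_selector.php. Added example; the sample log is constructed."""
import re
from collections import Counter
from urllib.parse import urlsplit, parse_qs, unquote_plus

# Constructed sample lines in Apache/Nginx "combined" format; not real traffic.
SAMPLE_LOG = """\
203.0.113.10 - - [10/Oct/2025:12:00:01 +0000] "GET /opac_css/ajax_selector.php?id=42&datas=auteur HTTP/1.1" 200 512 "-" "Mozilla/5.0"
203.0.113.10 - - [10/Oct/2025:12:00:02 +0000] "GET /opac_css/ajax_selector.php?id=42%27%20UNION%20SELECT%201%2C2%2C3--%20&datas=auteur HTTP/1.1" 500 0 "-" "sqlmap/1.8"
203.0.113.10 - - [10/Oct/2025:12:00:03 +0000] "GET /opac_css/ajax_selector.php?id=42&datas=%2527%2520AND%2520SLEEP%25285%2529--%2520 HTTP/1.1" 200 512 "-" "sqlmap/1.8"
198.51.100.7 - - [10/Oct/2025:12:00:04 +0000] "GET /opac_css/index.php?lvl=notice_display&id=42 HTTP/1.1" 200 8192 "-" "Mozilla/5.0"
198.51.100.7 - - [10/Oct/2025:12:00:05 +0000] "GET /opac_css/ajax_selector.php?id=42+or+1=1&datas=editeur HTTP/1.1" 200 9000 "-" "curl/8.0"
"""

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) \S+'
)

VULN_PATH = "/opac_css/ajax_selector.php"
TARGET_PARAMS = ("id", "datas")   # the parameters named in the advisory

# Heuristic: SQL keywords, time-based functions, tautologies, comments, quotes.
SQLI_RE = re.compile(
    r"(?i)(\b(union|select|insert|update|delete|drop)\b"
    r"|\b(sleep|benchmark)\s*\("
    r"|\b(or|and)\b\s+\d+\s*=\s*\d+"
    r"|--|/\*|['\"])"
)


def fully_decode(value: str, max_rounds: int = 3) -> str:
    """Undo repeated URL-encoding so %2527 ends up as a quote, not as %27."""
    for _ in range(max_rounds):
        decoded = unquote_plus(value)
        if decoded == value:
            break
        value = decoded
    return value


def scan_log(text: str) -> list:
    """Return one finding per (request, parameter) that looks like SQLi."""
    findings = []
    for line in text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue
        url = urlsplit(m["target"])
        if not url.path.endswith(VULN_PATH):
            continue
        # parse_qs decodes one layer of %XX and '+'; decode further ourselves.
        params = parse_qs(url.query, keep_blank_values=True)
        for name in TARGET_PARAMS:
            for raw in params.get(name, []):
                value = fully_decode(raw)
                if SQLI_RE.search(value):
                    findings.append({"ip": m["ip"], "ts": m["ts"],
                                     "param": name, "value": value,
                                     "status": int(m["status"])})
    return findings


def hits_by_ip(findings: list) -> Counter:
    """Count flagged requests per source; repeated hits suggest scanning."""
    return Counter(f["ip"] for f in findings)


if __name__ == "__main__":
    found = scan_log(SAMPLE_LOG)
    for f in found:
        print(f"{f['ts']} {f['ip']} {f['param']}={f['value']!r} -> {f['status']}")
    print(dict(hits_by_ip(found)))
```

Note that the third sample line returns HTTP 200, so a rule keyed only on 500 responses would miss a blind, time-based probe; decoding and inspecting the parameter value is what catches it.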