CVE-2021-45821 - Vulnerability Details - OpenCVE

A blind SQL injection vulnerability exists in Xbtit 3.1 via the sid parameter in ajaxchat/getHistoryChatData.php file that is accessible by a registered user. As a result, a malicious user can extract sensitive data such as usernames and passwords and in some cases use this vulnerability in order to get a remote code execution on the remote web server.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication Single

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Btiteam	Xbtit

Configuration 1 [-]

cpe:2.3:a:btiteam:xbtit:3.1:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://emaragkos.gr/infosec-adventures/xbtit-3-1-sql-njection/
https://github.com/btiteam/xbtit-3.1/blob/master/ajaxchat/getHistoryChatData.php
https://github.com/btiteam/xbtit-3.1/issues/6

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2022-03-16T15:01:28

Updated: 2024-08-04T04:54:31.136Z

Reserved: 2021-12-27T00:00:00

Link: CVE-2021-45821

Vulnrichment

No data.

NVD

Status : Modified

Published: 2022-03-16T15:15:16.020

Modified: 2024-11-21T06:33:06.190

Link: CVE-2021-45821

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "A blind SQL injection vulnerability exists in Xbtit 3.1 via the sid parameter in ajaxchat/getHistoryChatData.php file that is accessible by a registered user. As a result, a malicious user can extract sensitive data such as usernames and passwords and in some cases use this vulnerability in order to get a remote code execution on the remote web server."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2022-03-16T15:01:28", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://github.com/btiteam/xbtit-3.1/blob/master/ajaxchat/getHistoryChatData.php"}, {"tags": ["x_refsource_MISC"], "url": "https://emaragkos.gr/infosec-adventures/xbtit-3-1-sql-njection/"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/btiteam/xbtit-3.1/issues/6"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2021-45821", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "A blind SQL injection vulnerability exists in Xbtit 3.1 via the sid parameter in ajaxchat/getHistoryChatData.php file that is accessible by a registered user. As a result, a malicious user can extract sensitive data such as usernames and passwords and in some cases use this vulnerability in order to get a remote code execution on the remote web server."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://github.com/btiteam/xbtit-3.1/blob/master/ajaxchat/getHistoryChatData.php", "refsource": "MISC", "url": "https://github.com/btiteam/xbtit-3.1/blob/master/ajaxchat/getHistoryChatData.php"}, {"name": "https://emaragkos.gr/infosec-adventures/xbtit-3-1-sql-njection/", "refsource": "MISC", "url": "https://emaragkos.gr/infosec-adventures/xbtit-3-1-sql-njection/"}, {"name": "https://github.com/btiteam/xbtit-3.1/issues/6", "refsource": "MISC", "url": "https://github.com/btiteam/xbtit-3.1/issues/6"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T04:54:31.136Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/btiteam/xbtit-3.1/blob/master/ajaxchat/getHistoryChatData.php"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://emaragkos.gr/infosec-adventures/xbtit-3-1-sql-njection/"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/btiteam/xbtit-3.1/issues/6"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2021-45821", "datePublished": "2022-03-16T15:01:28", "dateReserved": "2021-12-27T00:00:00", "dateUpdated": "2024-08-04T04:54:31.136Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:btiteam:xbtit:3.1:*:*:*:*:*:*:*", "matchCriteriaId": "A21A0AD0-FAEA-4856-9F29-02EA103AC083", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "A blind SQL injection vulnerability exists in Xbtit 3.1 via the sid parameter in ajaxchat/getHistoryChatData.php file that is accessible by a registered user. As a result, a malicious user can extract sensitive data such as usernames and passwords and in some cases use this vulnerability in order to get a remote code execution on the remote web server."}, {"lang": "es", "value": "Se presenta una vulnerabilidad de inyecci\u00f3n SQL ciega en Xbtit versi\u00f3n 3.1, por medio del par\u00e1metro sid en el archivo ajaxchat/getHistoryChatData.php que es accesible por un usuario registrado. Como resultado, un usuario malicioso puede extraer datos confidenciales como nombres de usuario y contrase\u00f1as y, en algunos casos, usar esta vulnerabilidad para conseguir una ejecuci\u00f3n de c\u00f3digo remota en el servidor web remoto"}], "id": "CVE-2021-45821", "lastModified": "2024-11-21T06:33:06.190", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 6.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2022-03-16T15:15:16.020", "references": [{"source": "cve@mitre.org", "tags": ["Exploit", "Third Party Advisory"], "url": "https://emaragkos.gr/infosec-adventures/xbtit-3-1-sql-njection/"}, {"source": "cve@mitre.org", "tags": ["Exploit", "Third Party Advisory"], "url": "https://github.com/btiteam/xbtit-3.1/blob/master/ajaxchat/getHistoryChatData.php"}, {"source": "cve@mitre.org", "tags": ["Exploit", "Third Party Advisory"], "url": "https://github.com/btiteam/xbtit-3.1/issues/6"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Third Party Advisory"], "url": "https://emaragkos.gr/infosec-adventures/xbtit-3-1-sql-njection/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Third Party Advisory"], "url": "https://github.com/btiteam/xbtit-3.1/blob/master/ajaxchat/getHistoryChatData.php"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Third Party Advisory"], "url": "https://github.com/btiteam/xbtit-3.1/issues/6"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-89"}], "source": "nvd@nist.gov", "type": "Primary"}]}