
CVE-2018-13448: Dolibarr SQL injection vulnerability in product/card.php

CVSS Score: 9.8 (CVSS v3.0)

Basic Information

EPSS Score
0.53496%
Published
5/14/2022
Updated
4/24/2024
KEV Status
No
Technology
PHP

Technical Details

CVSS Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Package Name: dolibarr/dolibarr
Ecosystem: composer
Vulnerable Versions: = 7.0.3
First Patched Version: 7.0.4

Vulnerability Intelligence

Root Cause Analysis

The SQL injection occurred through the country_id parameter in product/card.php. The commit diff shows the parameter was originally retrieved with GETPOST('country_id') and no type check, so whatever string the client sent reached the SQL statement unchanged. The patch added 'int' type enforcement (GETPOST('country_id','int')), which casts the value to an integer before it is used, so a payload carrying a trailing OR or UNION clause cannot survive into the query. This matches the CVE description of SQL injection via country_id and the pattern of unsafe GETPOST usage fixed in the patch. Note that an integer cast is a sufficient fix here only because country_id is numeric; a string parameter concatenated into SQL the same way needs escaping through the database layer rather than a type check.
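The before/after pattern described above, as an added illustration that is not Dolibarr's own code: getpost_demo() is a hypothetical stand-in for GETPOST() that reproduces the 'int' cast behaviour, the query text is an assumption and not the statement in product/card.php, and the request array is constructed for the example.

```php
<?php
// Added illustration of the CVE-2018-13448 fix pattern; not Dolibarr's code.
// Assumptions: getpost_demo() stands in for Dolibarr's GETPOST(), and the
// query below is hypothetical (it is not the statement in product/card.php).

// Stand-in for GETPOST(): read a request parameter and, when $check is
// 'int', cast it to an integer the way Dolibarr's 'int' check does, so any
// SQL appended to a numeric payload is discarded (non-numeric input gives 0).
function getpost_demo(array $request, string $param, string $check = '')
{
    $val = $request[$param] ?? '';
    if ($check === 'int') {
        return (int) $val;
    }
    return $val;
}

// Before the fix: the raw request string is concatenated into the SQL text.
function build_query_vulnerable(array $request): string
{
    $country_id = getpost_demo($request, 'country_id');
    return "SELECT rowid FROM llx_c_country WHERE rowid = " . $country_id;
}

// After the fix: the 'int' check guarantees an integer reaches the query.
function build_query_fixed(array $request): string
{
    $country_id = getpost_demo($request, 'country_id', 'int');
    return "SELECT rowid FROM llx_c_country WHERE rowid = " . $country_id;
}

// Constructed request carrying an injection payload in country_id.
$request = ['country_id' => '1 OR 1=1'];

echo "vulnerable: ", build_query_vulnerable($request), PHP_EOL;
echo "fixed:      ", build_query_fixed($request), PHP_EOL;
```

Run with `php` on the command line: the vulnerable query carries the `OR 1=1` tail verbatim, while the fixed query ends in `rowid = 1` because PHP's integer cast keeps only the leading numeric prefix. The cast is the right tool for a numeric identifier; for string-valued parameters the same concatenation would still be injectable and must go through the database layer's escaping or a prepared statement instead.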

Vulnerable functions

Only Miggo users can see this section

WAF Protection Rules

WAF Rule

SQL injection vulnerability in product/card.php in Dolibarr ERP/CRM version 7.0.3 allows remote attackers to execute arbitrary SQL commands via the country_id parameter.
