DzzOffice v2.3.7 and before is vulnerable to SQL Injection in explorer/groupmanage.
The vulnerability consists of insufficient validation and sanitization of input data passed to SQL queries in the group management module (explorer/groupmanage). An attacker can inject malicious SQL code into request parameters, resulting in the application executing unintended operations on the database. Due to the network vector (AV:N) and no authentication requirements (PR:N) or user interaction (UI:N), the attack can be conducted remotely by any individual.
An attacker can gain full access to data stored in the database, modify or delete any data, and in favorable configurations also cause a system availability breach. CVSS indicates complete violation of confidentiality, integrity, and availability.
Patches available from the vendor should be applied according to references. As a temporary workaround, it is recommended to restrict network access to the DzzOffice instance to trusted IP addresses only and monitor database queries for anomalies.
DzzOffice version 2.3.7 and all earlier versions.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HDzzoffice
APPDzzoffice≤ 2.3.7
Related vulnerabilities
Dowolne przesyłanie plików w DzzOffice — krytyczna podatność RCE
dzzoffice 2.02.1 is vulnerable to Directory Traversal via user/space/about.php.
A Cross-Site Request Forgery (CSRF) in dzzoffice 2.02.1_SC_UTF8 allows attackers to arbitrarily create user ac...
The comment editing template (dzz/comment/template/edit_form.htm) in DzzOffice 2.3.x lacks adequate security e...
There is Stored Cross-Site Scripting (XSS) in dzzoffice 2.02.1 SC UTF8 in uploadfile to index.php, with the XS...