
MetInfo SQL Injection Scanner

Detects 'SQL Injection' vulnerability in MetInfo.

Short Info

Level: Critical
Single Scan
Can be used by: Asset Owner
Estimated Time: 10 seconds
Time Interval: 1 month 22 days
Scan only one: URL


MetInfo is a free, open-source content management system (CMS) built with PHP and MySQL, commonly used to build enterprise websites. Organizations and developers frequently choose MetInfo for its robust feature set, which makes website management and customization easy. It is used primarily by medium and large-scale enterprises and supports a wide range of professional websites. MetInfo includes functionality tailored to business needs, such as responsive design and multilingual support, which makes it versatile for global applications. The software is popular among developers because it is extensible and has a wide array of plugins. Because it is so widely used, a vulnerability in MetInfo can have significant implications for businesses that rely on it for website management.

SQL Injection vulnerabilities occur when an attacker can manipulate SQL queries by injecting malicious input through parameters that the server passes to its SQL database for data retrieval. These vulnerabilities enable attackers to execute arbitrary SQL commands, potentially accessing, modifying, or deleting data in a database without proper authorization. SQL Injection presents a significant security risk, as it can allow unauthorized access to sensitive information and full database compromise. The vulnerability in MetInfo's global.func.php file, reachable through a JSON parameter, shows how attackers can use SQL Injection against web applications, especially CMS-based platforms. Exposing a database to untrusted input in this way raises major concerns over data integrity and security.

The SQL Injection vulnerability in MetInfo is exploited through a JSON parameter used in its global.func.php file. Attackers can use an HTTP GET request to manipulate the SQL query executed by this file, injecting arbitrary SQL code. Specifically, a request to the vulnerable endpoint can carry malicious payloads such as UNION SELECT statements to extract data such as administrator credentials. The payload is inserted into the JSON parameter, which is not properly validated or sanitized, leading to full database access. The lack of prepared statements or parameterized queries makes it easier to inject SQL code.
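
The difference between a concatenated query and a prepared statement for a value taken from a JSON parameter, as an added example. This is not MetInfo source code: the table, column and JSON key names are hypothetical, and in-memory SQLite stands in for MySQL so the script runs offline.

```php
<?php
// Added illustration only: not MetInfo source. Table, column and key names are hypothetical.
// SQLite in memory stands in for MySQL so the script runs offline (needs pdo_sqlite).
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE news (id INTEGER, title TEXT)');
$db->exec('CREATE TABLE admin (name TEXT, pass TEXT)');
$db->exec("INSERT INTO news VALUES (1, 'Welcome')");
$db->exec("INSERT INTO admin VALUES ('admin', 'constructed-hash')");

// Pattern the text describes: a value from a JSON parameter is concatenated into SQL.
function lookupConcatenated(PDO $db, string $json): array
{
    $p = json_decode($json, true);
    $sql = 'SELECT id, title FROM news WHERE id = ' . $p['id'];
    return $db->query($sql)->fetchAll(PDO::FETCH_NUM);
}

// Corrected form: check the decoded structure, then bind the value as a parameter
// so it is only ever compared as data and never parsed as SQL.
function lookupPrepared(PDO $db, string $json): array
{
    $p = json_decode($json, true);
    if (!is_array($p) || !isset($p['id']) || !is_scalar($p['id'])) {
        throw new InvalidArgumentException('id is required');
    }
    $stmt = $db->prepare('SELECT id, title FROM news WHERE id = :id');
    $stmt->execute([':id' => (string) $p['id']]);
    return $stmt->fetchAll(PDO::FETCH_NUM);
}

// Constructed inputs: one ordinary, one carrying a UNION SELECT of the kind the text mentions.
$inputs = [
    '{"id": 1}',
    '{"id": "0 UNION SELECT name, pass FROM admin"}',
];
foreach ($inputs as $json) {
    printf("input: %s\n  concatenated: %s\n  prepared:     %s\n", $json,
        json_encode(lookupConcatenated($db, $json)),
        json_encode(lookupPrepared($db, $json)));
}
```

For the second input the concatenated query returns the row from the admin table, while the prepared statement returns no rows because the whole string is compared against the id column as a single value.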

When exploited, this SQL Injection vulnerability can lead to severe consequences for affected systems. Attackers could retrieve sensitive user data, such as usernames and passwords, emails, and other personal information stored in the database. There is potential for data corruption or database content manipulation, leading to loss of integrity and trust. With an administrative-level compromise, attackers can take control over the website, modify its appearance, and distribute malware. Additionally, compromised databases may facilitate further lateral attacks within the network infrastructure, leading to broader data breaches.
