CVE-2018-8820

Square 9 GlobalForms 6.2.x Blind SQL Injection

Severity Score

7.5

*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

An issue was discovered in Square 9 GlobalForms 6.2.x. A Time Based SQL injection vulnerability in the "match" parameter allows remote authenticated attackers to execute arbitrary SQL commands. It is possible to upgrade access to full server compromise via xp_cmdshell. In some cases, the authentication requirement for the attack can be met by sending the default admin credentials.

Se ha descubierto un problema en Square 9 GlobalForms 6.2.x. Una vulnerabilidad de inyección SQL basada en tiempo en el parámetro "match" permite que atacantes remotos autenticados ejecuten comandos SQL arbitrarios. Es posible actualizar el acceso para comprometer por completo el servidor mediante xp_cmdshell. En algunos casos, el requisito de autenticación para el ataque puede cumplirse mediante el envío de las credenciales de administrador por defecto.

Square 9 GlobalForms versions 6.2.x and below suffer from a remote blind SQL injection vulnerability.

*Credits: N/A

Attack Vector

Network

Attack Complexity

High

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Attack Vector

Network

Attack Complexity

Medium

Authentication

Single

Confidentiality

Partial

Integrity

Partial

Availability

Partial

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2018-03-20 CVE Reserved
2018-03-28 CVE Published
2018-03-29 First Exploit
2024-08-05 CVE Updated
2025-03-30 EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date

CWE

CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

CAPEC

References (3)

URL	Tag	Source

URL	Date	SRC
https://packetstorm.news/files/id/146942	2018-03-29
https://github.com/hateshape/frevvomapexec	2019-01-29
http://seclists.org/fulldisclosure/2018/Mar/57	2024-08-05

URL	Date	SRC

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Square-9 Search vendor "Square-9"		Globalforms Search vendor "Square-9" for product "Globalforms"				<= 6.2 Search vendor "Square-9" for product "Globalforms" and version " <= 6.2"		-		Affected