Key vulnerability information

Title: SQL Injection in ClipBucket Custom Fields plugin
ID: GHSA-4g7x-j562-8g69
Severity: Moderate (6.5/10)
Affected versions: = 5.5.2 - #152

Description
SQL injection vulnerabilities in the ClipBucket Custom Fields plugin allow authenticated administrators with plugin management privileges to execute arbitrary SQL statements against the database. Exploitation requires the Custom Fields plugin to be installed and reachable, and only users with administrative access to the plugin interface can trigger it.

Vulnerability details
Authentication required: Yes (administrator privileges)
Plugin dependency: the Custom Fields plugin must be installed and enabled
Vulnerable code locations:
- function
- function

Root cause analysis
1. Direct string concatenation in SQL: the function builds its queries by concatenating user input into the SQL string without any sanitization.
2. Missing input validation: no validation or sanitization of the , , , , , and parameters.
3. Unsafe WHERE clause construction: the function interpolates directly into the WHERE clause.
4. No prepared statements: the functions execute raw SQL instead of parameterized queries.

Impact
Vulnerability type: SQL injection (authenticated)
Affected users: administrators with plugin management access
Prerequisites: Custom Fields plugin installed and administrator privileges

Technical impact
- Read access to sensitive information in the database
- Potential data modification within the admin context
- Disclosure of database structure and contents
- Privilege escalation within the scope of the database

Limitations
- Requires authenticated administrative access
- Limited to deployments where the Custom Fields plugin is installed
- Exploitation scope is bounded by the permissions of the database account the application connects with, so a least-privilege DB user narrows what the injected SQL can reach
- No direct system-level access or remote code execution

Risk assessment
This is a Medium severity vulnerability because of the authentication requirement and the plugin dependency. While the technical impact can be significant within the database context, the practical risk is reduced by the need for administrative credentials and for the specific plugin to be installed.
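The root cause above (a caller-supplied condition concatenated into a WHERE clause, no parameterized queries) is illustrated below with an added Python/sqlite3 example. It is not ClipBucket's code (the plugin is PHP); the table names, column names, function names and the payload are constructed for the illustration. The vulnerable function shows how a UNION in the concatenated condition reads another table, and the hardened function shows the fix the advisory implies: bound parameters for values plus an allow-list for identifiers, which cannot be bound.

```python
import sqlite3


def make_db() -> sqlite3.Connection:
    """Constructed sample schema standing in for a ClipBucket-style database.

    Table and column names are assumptions for this example, not the project's.
    """
    db = sqlite3.connect(":memory:")
    db.executescript("""
        CREATE TABLE custom_fields (id INTEGER PRIMARY KEY, name TEXT, type TEXT);
        CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT, password TEXT);
        INSERT INTO custom_fields (name, type) VALUES ('genre', 'text'), ('rating', 'number');
        INSERT INTO users (username, password) VALUES ('admin', 's3cret-hash');
    """)
    return db


def find_fields_vulnerable(db: sqlite3.Connection, condition: str) -> list:
    """Vulnerable pattern: the caller's condition is concatenated into the
    WHERE clause unchanged, so the caller controls the rest of the statement."""
    sql = "SELECT name, type FROM custom_fields WHERE " + condition
    return db.execute(sql).fetchall()


# Constructed payload of the kind an administrator could submit through a
# plugin management form that feeds the concatenated WHERE clause.
PAYLOAD = "1=1 UNION SELECT username, password FROM users"

# Columns the application legitimately filters on; anything else is rejected.
ALLOWED_COLUMNS = {"id", "name", "type"}


def find_fields_safe(db: sqlite3.Connection, column: str, value: str) -> list:
    """Hardened form: the identifier is checked against an allow-list (it cannot
    be a bound parameter) and the value is passed as a bound parameter, so it is
    never parsed as SQL."""
    if column not in ALLOWED_COLUMNS:
        raise ValueError(f"unexpected column: {column!r}")
    sql = f"SELECT name, type FROM custom_fields WHERE {column} = ?"
    return db.execute(sql, (value,)).fetchall()


def demo() -> tuple:
    """Run both variants against the same payload and return their results."""
    db = make_db()
    leaked = find_fields_vulnerable(db, PAYLOAD)   # includes the users row
    safe = find_fields_safe(db, "type", PAYLOAD)   # payload is just a string: no rows
    return leaked, safe


if __name__ == "__main__":
    leaked, safe = demo()
    print("vulnerable:", leaked)
    print("safe:", safe)
```

The hardened function still interpolates a column name, which is why the allow-list is not optional: parameter binding protects values, not identifiers, and an attacker who controls the column position can rewrite the query just as freely as one who controls the condition.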