VYPR
← All advisories
Unrated severityNVD Advisory· Published Jun 16, 2024· Updated Aug 1, 2024

Feng Office Workspaces sql injection

CVE-2024-6039

Description

Blind SQL injection in Feng Office 3.11.1.2 Workspaces via the dim parameter allows remote unauthenticated attackers to extract database contents.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Blind SQL injection in Feng Office 3.11.1.2 Workspaces via the dim parameter allows remote unauthenticated attackers to extract database contents.

Vulnerability

Feng Office version 3.11.1.2 contains a blind SQL injection vulnerability in the Workspaces component. The dim parameter, passed via HTTP GET request, is not properly sanitized before being used in SQL queries. This allows an attacker to inject arbitrary SQL statements. The issue affects the exact version 3.11.1.2.

Exploitation

An attacker must be logged into the application and then navigate to the Workspaces page. By modifying the dim parameter in the URL, the attacker can inject SQL commands. The exploit can be automated using SQLMap, as demonstrated in the public disclosure [1]. The attack requires no special privileges beyond a valid user session and can be launched remotely.

Impact

Successful exploitation allows an attacker to extract sensitive information from the underlying MySQL database, including user credentials and other stored data. The blind SQL injection nature means the attacker can enumerate data row by row. The attacker does not gain direct code execution but can compromise the confidentiality of the database contents [1].

Mitigation

As of the publication date, no official patch has been released by Feng Office. Users should apply input validation and parameterized queries to the dim parameter as a workaround. The vendor has not yet addressed this vulnerability in a public advisory. The exploit is publicly known and may be used in attacks [1].

References
  1. Friday Fun Pentest Series - 6 - fengofficev3.11.1.2

AI Insight generated on May 27, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

2

Patches

0

No patches discovered yet.

Vulnerability mechanics

Root cause

"The application does not properly sanitize user-supplied input in the 'dim' parameter, allowing for SQL injection."

Attack vector

The attacker must first log into the Feng Office application and navigate to the 'Workspaces' section. They then need to copy the full URL of the current page and paste it into a text file. The 'dim' parameter within the HTTP GET request is identified as the injection point. Automated tools like SQLMap can be used to exploit this vulnerability by sending crafted SQL queries to the 'dim' parameter [ref_id=1]. The attack can be launched remotely.

Affected code

The vulnerability resides within the Workspaces component of Feng Office 3.11.1.2. Specifically, the 'dim' parameter is susceptible to SQL injection [ref_id=1]. The exact function or file is not specified in the provided information.

What the fix does

The advisory does not provide details on a specific patch or fix. It is recommended to upgrade to a newer version of Feng Office if available, or to apply any security patches released by the vendor. Without a patch, the exact remediation steps are not specified.

Preconditions

  • authThe attacker must be logged into the Feng Office application.
  • inputThe 'dim' parameter in the HTTP GET request is manipulated.

Reproduction

1. Login to application 2. Click on "Workspaces" 3. Copy full URL 4. Paste the HTTP GET request into text file 5. Set the injection point to be in the "dim" parameter value 6. Use SQLMap to automate the process: sqlmap -r request.txt --threads 1 --level 5 --risk 3 --dbms=3Dmysql -p dim [ref_id=1]

Generated on Jun 1, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.

References

4

News mentions

0

No linked articles in our index yet.