We-Com OpenData CMS 2.0 SQL Injection

2020.06.02
Credit: thelastvvv
Risk: Medium
Local: No
Remote: Yes
CVE: N/A
CWE: CWE-89

# Exploit Title: We-com OpenData CMS 2.0 Authentication Bypass / SQL Injection # Google Dork:N/A # Date: 2020-04-17 # Exploit Author: @ThelastVvV # Vendor Homepage: https://www.we-com.it/ # Version: 2.0 # Tested on: 5.5.0-kali1-amd64 --------------------------------------------------------- Vendor contact timeline: 2020-05-05: Contacting vendor through info@we-com.it 2020-05-26: A Patch is published in the version 2020-06-01: Release of security advisory Authentication Bypass / SQL Injection in the opendata 2.0 CMS PoC: Payload(s) USERNAME: admin' or '1' = '1'; -- - PASSWORD: vvv the SQL injection attack has resulted in a bypass of the login,to confirm you will get a reponse in header of the page with "okokokokokokokokokokokokokok" But will not redirect you to the control panel so you wil need to do it manual https://www.site.gov.it/admin/?mod=mod_admin and we are now authenticated as "adminstrator".


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2020, cxsecurity.com

 

Back to Top