Python3-converted exploit and research notes for CMS Made Simple (CVE-2019-9053) — Unauthenticated SQL Injection vulnerability. Includes original PoC, improved Python3 version, usage instructions, and lab testing reference.

# CMS Made Simple – Exploitation Toolkit
A collection of scripts, notes, and Python3–ready exploits for **CMS Made Simple (CMSMS)**, including the famous **Unauthenticated Time-Based SQL Injection – CVE-2019-9053**.
This repository is created and maintained by **Encrypticle (Jagdeep Singh)** as part of my cybersecurity research, ethical hacking practice, and 100-Day Cybersecurity Challenge series.
---
## 🚀 About This Repo
This repository contains:
- ✔️ The original Python2 exploit converted to Python3 for **CVE-2019-9053**
- ✔️ A fully ported **Python3 version** of the exploit
- ✔️ Walkthrough notes for attacking CMS Made Simple in labs
- ✔️ Usage examples for Python3
- ✔️ Fixes for common errors (print syntax, dependencies, termcolor issues, Python2 missing, etc.)
- ✔️ Wordlist cracking support (MD5 + salt)
---
## 🕳️ Vulnerability: CVE-2019-9053
CMS Made Simple versions **≤ 2.2.9** suffer from an **unauthenticated blind SQL injection** vulnerability.
Successful exploitation allows an attacker to leak:
- Salt
- Username
- Email
- Admin password hash
- And optionally crack the password using a wordlist
The original exploit uses time-based SQL injection via the `moduleinterface.php?mact=` parameter.
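For defenders, the time-based technique described above leaves a recognisable trail in web server logs. The following is an added example, not code from this repository: it scans access-log lines for `moduleinterface.php` requests whose decoded query string contains a SQL delay function. The log lines, IP addresses and the parameter name `p` are constructed placeholders, and the combined log format is an assumption.

```python
import re
from collections import Counter
from urllib.parse import urlsplit, unquote_plus

# Constructed sample access-log lines (combined log format). IPs come from
# documentation ranges; the parameter name "p" is a placeholder.
SAMPLE_LOG = """\
198.51.100.7 - - [01/Jan/2024:10:00:01 +0000] "GET /cms/moduleinterface.php?mact=EXAMPLE&p=1%20and%20sleep(1) HTTP/1.1" 200 512
198.51.100.7 - - [01/Jan/2024:10:00:03 +0000] "GET /cms/moduleinterface.php?mact=EXAMPLE&p=1%20AND%20SLEEP%281%29 HTTP/1.1" 200 512
203.0.113.9 - - [01/Jan/2024:10:00:04 +0000] "GET /cms/moduleinterface.php?mact=EXAMPLE&page=2 HTTP/1.1" 200 2048
203.0.113.9 - - [01/Jan/2024:10:00:05 +0000] "GET /cms/index.php?q=sleep(1) HTTP/1.1" 200 1024
"""

# Client IP and request target from one combined-format log line.
REQUEST_RE = re.compile(r'^(\S+) .*?"(?:GET|POST) (\S+) HTTP/[\d.]+"')
# Delay primitives typical of time-based SQL injection against MySQL.
DELAY_RE = re.compile(r"\b(?:sleep|benchmark)\s*\(", re.IGNORECASE)


def flag_time_based_probes(log_text):
    """Return a Counter {client_ip: hits} for moduleinterface.php requests
    whose decoded query string contains a SQL delay function."""
    hits = Counter()
    for line in log_text.splitlines():
        match = REQUEST_RE.match(line)
        if not match:
            continue
        ip, target = match.groups()
        url = urlsplit(target)
        if not url.path.endswith("/moduleinterface.php"):
            continue  # only the endpoint named in this README
        # Decode twice so double URL-encoded payloads are also caught.
        query = unquote_plus(unquote_plus(url.query))
        if DELAY_RE.search(query):
            hits[ip] += 1
    return hits


if __name__ == "__main__":
    for ip, count in flag_time_based_probes(SAMPLE_LOG).items():
        print(f"{ip}: {count} suspicious moduleinterface.php request(s)")
```

Blind extraction needs many requests per leaked character, so a high hit count from a single source is a strong signal; upgrading past 2.2.9 remains the actual fix.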
---
## 📂 Usage Example
```
sudo python3 exploit_python3.py -u http://TARGET/cms --crack -w /usr/share/wordlists/rockyou.txt
```
---
## ⚠️ Legal Disclaimer
This project is for educational and authorized penetration testing purposes only.
Do NOT use these scripts on systems you do not own or do not have written permission to test.
Unauthorized testing is illegal.
---
## 📧 Contact
Maintained by Encrypticle (Jagdeep Singh)
- YouTube: https://youtube.com/@Encrypticle
- LinkedIn: https://www.linkedin.com/company/Encrypticle
---
## ⭐ Support & Contribution
If this repository helped you —
Star ⭐ the repo, fork it, or contribute improvements to the Python3 exploit.
```
[4.0K] /data/pocs/718fe0e34c1b19141da7beddbd28e2dd2e685ac7
├── [6.9K] exploit_python3.py
└── [1.9K] README.md
1 directory, 2 files
```