关联漏洞
标题:
CMS Made Simple SQL注入漏洞
(CVE-2019-9053)
描述:CMS Made Simple(CMSMS)是CMSMS团队的一套开源的内容管理系统(CMS)。该系统支持基于角色的权限管理系统、基于向导的安装与更新机制、智能缓存机制等。 CMSMS 2.2.8版本中存在SQL注入漏洞,该漏洞源于基于数据库的应用缺少对外部输入SQL语句的验证。攻击者可利用该漏洞执行非法SQL命令。
描述
CVE-2019-9053 Exploit for Python 3
介绍
# CVE-2019-9053
CVE-2019-9053 Exploit for Python 3
Last tested: 28-12-2021
Tested on: Python 3.10.1
Original Exploit Source: https://www.exploit-db.com/exploits/46635
Users take full responsibility for any actions performed using this tool.
If these terms are not acceptable to you, then do not use this tool.
Please use this tool only in environments where you have permissions to perform penetration testing activities.
Please do not use this tool for any malicious purpose.
## Note on wordlist character encoding
This exploit code requires a UTF-8 file as a Wordlist.
For example, if you use rockyou, which comes with Kali-Linux according to some CTF instructions, you need to change its character encoding from Latin-1 to UTF-8.
文件快照
[4.0K] /data/pocs/7eb946f1552abfcd3483ed019d4d5cbc0fdec4d2
├── [6.5K] exploit.py
└── [ 747] README.md
0 directories, 2 files
备注
1. 建议优先通过来源进行访问。
2. 如果因为来源失效或无法访问,请发送邮箱到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
3. 神龙已为您对POC代码进行快照,为了长期维护,请考虑为本地POC付费,感谢您的支持。