Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2019-7139 PoC — Magento SQL注入漏洞

Source
https://github.com/adhammedhat111/Magento-CVE-2019-7139-SQLi-PoC
Associated Vulnerability
Title:Magento SQL注入漏洞 (CVE-2019-7139)
Description:Magento是美国Magento公司的一套开源的PHP电子商务系统。该系统提供权限管理、搜索引擎和支付网关等功能。 Magento 2.1.18之前的2.1版本、2.2.9之前的2.2版本、2.3.2之前的2.3版本中存在SQL注入漏洞。该漏洞源于基于数据库的应用缺少对外部输入SQL语句的验证。攻击者可利用该漏洞执行非法SQL命令。
Description
Proof-of-Concept (PoC) exploit for CVE-2019-7139, an unauthenticated SQL injection vulnerability in Magento (PRODSECBUG-2198). For educational and security research purposes only. Use with explicit permission from system owners. Includes documentation and mitigations.
Readme
# CVE-2019-7139 PoC: Magento SQL Injection

This repository contains a proof-of-concept (PoC) exploit for **CVE-2019-7139** (PRODSECBUG-2198), an unauthenticated SQL injection vulnerability in Magento, discovered by Charles Fol of Ambionics Security.

## Vulnerability Details
- **CVE ID**: CVE-2019-7139
- **Affected Versions**:
  - Magento Open Source <= 1.9.4.0
  - Magento Commerce <= 1.14.4.0
  - Magento 2.1 <= 2.1.16
  - Magento 2.2 <= 2.2.7
  - Magento 2.3.0
- **Description**: The vulnerability allows unauthenticated attackers to perform SQL injection via the `/catalog/product_frontend_action/synchronize` endpoint, potentially extracting sensitive data or manipulating the database.
- **Impact**: Data exposure, data manipulation, and potential escalation to further attacks.

## Purpose
This PoC is provided for **educational purposes** and **security research** only. It demonstrates how an attacker could exploit CVE-2019-7139 to extract database information using error-based or time-based SQL injection.

## Installation
1. Clone the repository:
   ```bash
   git clone https://github.com/adhammedhat111/CVE-2019-7139-PoC
   ```
2. Navigate to the repository directory:
   ```bash
   cd CVE-2019-7139-PoC
   ```
3. Install dependencies:
   ```bash
   pip install requests
   ```

## Usage
1. Run the PoC:
   ```bash
   python3 exploit.py <target_url>
   ```
2. The script will attempt to enumerate databases, tables, columns, and sample data.

## References
- [CVE-2019-7139](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7139)
- [Magento Security Advisories](https://magento.com/security)
- [Ambionics Security](https://www.ambionics.io/)
- [Pentest-Tools: Exploiting SQL Injection in Magento with SQLmap](https://pentest-tools.com/blog/exploiting-sql-injection-in-magento-with-sqlmap)
- [Lexfo: Magento SQL Injection](https://blog.lexfo.fr/magento-sqli.html)

## Disclaimer
This code is for educational and research purposes only. **Do not use it against systems without explicit permission from the system owner.** The author is not responsible for any misuse or damage caused by this code. Use at your own risk.

## License
This project is licensed under the MIT License. See the LICENSE file for details.
File Snapshot

 [4.0K]  /data/pocs/9644382b58403f6de20c2052cf34b1fba0ed188c
├── [5.9K]  exploit.py
├── [1.0K]  LICENSE
└── [2.2K]  README.md

0 directories, 3 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).
    3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.