CVE-2019-9053 PoC — CMS Made Simple SQL注入漏洞

Source

https://github.com/hf3cyber/CMS-Made-Simple-2.2.9-Unauthenticated-SQL-Injection-Exploit-CVE-2019-9053-

Associated Vulnerability

Title:CMS Made Simple SQL注入漏洞 (CVE-2019-9053)
Description:CMS Made Simple（CMSMS）是CMSMS团队的一套开源的内容管理系统(CMS)。该系统支持基于角色的权限管理系统、基于向导的安装与更新机制、智能缓存机制等。 CMSMS 2.2.8版本中存在SQL注入漏洞，该漏洞源于基于数据库的应用缺少对外部输入SQL语句的验证。攻击者可利用该漏洞执行非法SQL命令。

Description

This exploit targets an unauthenticated SQL injection vulnerability in CMS Made Simple <= 2.2.9 (CVE-2019-9053). It uses a time-based blind SQL injection to extract the username, email, and password hash from the database. Additionally, it supports password cracking using a wordlist.

Readme

# CMS Made Simple <= 2.2.9 SQL Injection Exploit (CVE-2019-9053)

📌 Description

This exploit targets an unauthenticated SQL injection vulnerability in CMS Made Simple <= 2.2.9 (CVE-2019-9053). The vulnerability allows attackers to extract sensitive information such as username, email, password hash, and salt via a time-based blind SQL injection.

Additionally, the exploit supports password cracking using a provided wordlist.



# 🚀 Features

Unauthenticated SQL Injection

Extracts Username, Email, and Password Hash

Retrieves Password Salt

Supports Password Cracking via Wordlist (Optional)

Uses Time-Based Blind SQL Injection

# 🔧 Installation

Clone the repository:

```bash
git clone https://github.com/hf3cyber/CMS-Made-Simple-2.2.9-Unauthenticated-SQL-Injection-Exploit-CVE-2019-9053-.git
cd CMS-Made-Simple-2.2.9-Unauthenticated-SQL-Injection-Exploit-CVE-2019-9053-
```

# ⚡ Usage

Basic Exploitation

```bash
python3 exploit.py -u http://target.com/cms
```

Exploitation with Password Cracking

```bash
python3 exploit.py -u http://target.com/cms -c -w /usr/share/wordlist/rockyou.txt
```

# 📦 Requirements

Python 3

requests module (pip install requests)

termcolor module (pip install termcolor)

# 🔒 Mitigation

To protect against this vulnerability, upgrade CMS Made Simple to the latest secure version and ensure proper input sanitization with prepared statements.

# ⚠️ Disclaimer

This exploit is for educational and authorized penetration testing purposes only. Misuse of this script for unauthorized access is illegal. The author is not responsible for any misuse or damage caused.

# 📜 License

This project is licensed under the MIT License. See the [![License: MIT](https://img.shields.io/github/license/hf3cyber/CMS-Made-Simple-2.2.9-Unauthenticated-SQL-Injection-Exploit-CVE-2019-9053-)](https://github.com/hf3cyber/CMS-Made-Simple-2.2.9-Unauthenticated-SQL-Injection-Exploit-CVE-2019-9053-/blob/main/LICENSE)
 file for details.

🤝 Contributing

Contributions are welcome! Feel free to open an issue or submit a pull request to improve the script.

File Snapshot


 [4.0K]  /data/pocs/e34c72f9bf51eb74972eb0c998aa31552cfc4cb7
├── [3.9K]  exploit.py
├── [1.0K]  LICENSE
└── [2.1K]  README.md

0 directories, 3 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!