CSZ CMS 1.2.9 SQL Injection

CVE Category Price Severity
CVE-2021-43701 CWE-89 $500 High
Author Risk Exploitation Type Date
Unknown High Remote 2022-03-30
CVSS:4.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H 0.02192 0.50148

CVSS vector description

Our sensors found this exploit at:

Below is a copy:

CSZ CMS 1.2.9 SQL Injection
# Exploit Title: CSZ CMS 1.2.9 - 'Multiple' Blind SQL Injection
# Date: 2021-04-14
# Exploit Author: Rahad Chowdhury
# Vendor Homepage:
# Software Link:
# Version: 1.2.9
# Tested on: Windows 10, Kali Linux, PHP 7.4.16, Apache 2.4.46
# CVE: CVE-2021-43701

*Steps to Reproduce:*
1. First login to your Admin Panel
2. then go to "General Menu > CSV Export / Import".
3. open burp site and configure with browser.
4. then select any "Table Name" > Select "Fields Select" and Select "Sort
5. Now click "Export to CSV" and intercept with burp suite
6. "fieldS[]" or "orderby" parameter is vulnerable. Let's try to inject
Blind SQL Injection use this query "(select(0)from(select(sleep(10)))a)" in
"orderby" parameter.

*Proof of Concept:*

By issuing sleep(0) response will be delayed to 0 seconds.
By issuing sleep(1) response will be delayed to 1 seconds.
By issuing sleep(5) response will be delayed to 5 seconds.
By issuing sleep(10) response will be delayed to 10 seconds

Copyright ©2024 Exploitalert.

All trademarks used are properties of their respective owners. By visiting this website you agree to Terms of Use.