Vulners
Lucene search
CMS Made Simple 2.2.15 SQL Injection
🗓️ 20 Mar 2021 00:00:00Reported by Riccardo KrauterType 
packetstorm🔗 packetstormsecurity.com👁 288 Views
`1) Summary
Affected software CMS Made Simple-2.2.15
Vendor URLhttp://www.cmsmadesimple.org/ <http://www.cmsmadesimple.org/>
Vulnerability SQL injection
2) Vulnerability Description
The affected software is vulnerable to SQL injection via the m1_sortby POST parameter of the News module, reachable via the moduleinterface.php page.
The `sortby` parameter is sanitized by replacing the `'` with the `_` character, anyway it is possible to inject arbitrary SQL language without using the `'`.
This vulnerability is remotely exploitable and require authentication.
3) PoC and details
https://github.com/beerpwn/CVE/blob/master/cms_made_simple_2021/sqli_order_by/CMS-MS-SQLi-report.md
4) Credits
This vulnerability has been discovered and reported
by Riccardo Krauter researcher @ Soter IT Security (soteritsecurity.com).
5) Timeline
2021/02/22 Vendor was informed
2021/02/26 Vendor said he won't fix
2021/03/17 Public disclosure
`
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
20 Mar 2021 00:00Current
0.5Low risk
Vulners AI Score0.5