4 matches found
CSZ CMS 1.2.9 SQL Injection
Exploit Title: CSZ CMS 1.2.9 - 'Multiple' Blind SQL Injection Authenticated Date: 2021-04-14 Exploit Author: Rahad Chowdhury Vendor Homepage: https://www.cszcms.com/ Software Link: https://sourceforge.net/projects/cszcms/files/install/CSZCMS-V1.2.9.zip Version: 1.2.9 Tested on: Windows 10, Kali...
CSZ CMS 1.2.9 - Multiple Blind SQL injection (Authenticated) Vulnerability
Exploit Title: CSZ CMS 1.2.9 - 'Multiple' Blind SQLiAuthenticated Exploit Author: Rahad Chowdhury Vendor Homepage: https://www.cszcms.com/ Software Link: https://sourceforge.net/projects/cszcms/files/install/CSZCMS-V1.2.9.zip Version: 1.2.9 Tested on: Windows 10, Kali Linux, PHP 7.4.16, Apache...
CSZ CMS 1.2.9 - 'Multiple' Blind SQLi(Authenticated)
Exploit Title: CSZ CMS 1.2.9 - 'Multiple' Blind SQLiAuthenticated Date: 2021-04-14 Exploit Author: Rahad Chowdhury Vendor Homepage: https://www.cszcms.com/ Software Link: https://sourceforge.net/projects/cszcms/files/install/CSZCMS-V1.2.9.zip Version: 1.2.9 Tested on: Windows 10, Kali Linux, PHP...
CVE-2021-43701
Summary: CSZ CMS 1.2.9 contains a time- and boolean-based blind SQL injection in the export endpoint. The vulnerability is triggered via /admin/export/getcsv/article_db using fieldS[] and orderby parameters, as described by CVE-2021-43701 records across multiple sources (NVD/CVE, CNVD/CNNVD, Expl...