Lucene search
+L

4 matches found

Packet Storm
Packet Storm
added 2022/03/30 12:0 a.m.246 views

CSZ CMS 1.2.9 SQL Injection

Exploit Title: CSZ CMS 1.2.9 - 'Multiple' Blind SQL Injection Authenticated Date: 2021-04-14 Exploit Author: Rahad Chowdhury Vendor Homepage: https://www.cszcms.com/ Software Link: https://sourceforge.net/projects/cszcms/files/install/CSZCMS-V1.2.9.zip Version: 1.2.9 Tested on: Windows 10, Kali...

0.3AI score0.03345EPSS
Exploits4
0day.today
0day.today
added 2022/03/30 12:0 a.m.304 views

CSZ CMS 1.2.9 - Multiple Blind SQL injection (Authenticated) Vulnerability

Exploit Title: CSZ CMS 1.2.9 - 'Multiple' Blind SQLiAuthenticated Exploit Author: Rahad Chowdhury Vendor Homepage: https://www.cszcms.com/ Software Link: https://sourceforge.net/projects/cszcms/files/install/CSZCMS-V1.2.9.zip Version: 1.2.9 Tested on: Windows 10, Kali Linux, PHP 7.4.16, Apache...

6.5CVSS0.4AI score0.03345EPSS
Exploits4
Exploit DB
Exploit DB
added 2022/03/30 12:0 a.m.271 views

CSZ CMS 1.2.9 - 'Multiple' Blind SQLi(Authenticated)

Exploit Title: CSZ CMS 1.2.9 - 'Multiple' Blind SQLiAuthenticated Date: 2021-04-14 Exploit Author: Rahad Chowdhury Vendor Homepage: https://www.cszcms.com/ Software Link: https://sourceforge.net/projects/cszcms/files/install/CSZCMS-V1.2.9.zip Version: 1.2.9 Tested on: Windows 10, Kali Linux, PHP...

6.5CVSS6.6AI score0.03345EPSS
Exploits4
CVE
CVE
added 2022/03/29 3:31 p.m.95 views

CVE-2021-43701

Summary: CSZ CMS 1.2.9 contains a time- and boolean-based blind SQL injection in the export endpoint. The vulnerability is triggered via /admin/export/getcsv/article_db using fieldS[] and orderby parameters, as described by CVE-2021-43701 records across multiple sources (NVD/CVE, CNVD/CNNVD, Expl...

6.5CVSS7AI score0.03345EPSS
Exploits4References3Affected Software1
Rows per page
Query Builder