Description
1.Information
Exploit Title: IonizeCMS-V1.0.8.1-Unverified post request parameters lead to command injection
Exploit date: 11.04.2022
Exploit Author: ericfrank900528@gmail.com
Vendor Homepage: https://github.com/ionize/ionize
Affect Version: V1.0.8.1
Description: Code injection in Ionize CMS 1.0.8.1 allows attackers to execute commands remotely via a code injection request from client.
2.Vulnerability Description
The exploit code is located in the project's application/models/lang_model.php file
In the copy_lang_content method, the code is as follows.
The POST parameter from is spliced into the function content parameter in the create_function function without any processing or checking, resulting in a code injection vulnerability

3.How to Exploit
Construct the attack packet to achieve the effect of executing the whoami command.

4.Suggestion
Validate the parameters in the post request to avoid Code injection