EmpireCMS v7.5 has sql injection vulnerability in adding advertisement category
Test Environment
Windows10
PHP 5.5.9+Apache/2.4.39
Affect version
EmpireCMS 7.5
Vulnerable Code
e\admin\tool\AdClass.php line 30
The variable $add passed in by the AddAdClass function is inserted into the sql statement without any filtering, resulting in a sql injection vulnerability
Vulnerability display
First enter the background
Click as shown,go to the ad management module
Click to add and capture the packet
Modify parameters
payload:add%5Bclassname%5D=2bob' or updatexml(1,concat(0x7e,version()),0) or '
Successfully obtained the database version number
The text was updated successfully, but these errors were encountered:
Brief of this vulnerability
EmpireCMS v7.5 has sql injection vulnerability in adding advertisement category
Test Environment
Affect version
EmpireCMS 7.5
Vulnerable Code
e\admin\tool\AdClass.php line 30
The variable $add passed in by the AddAdClass function is inserted into the sql statement without any filtering, resulting in a sql injection vulnerability
Vulnerability display
First enter the background
Click as shown,go to the ad management module
Click to add and capture the packet
Modify parameters
payload:add%5Bclassname%5D=2bob' or updatexml(1,concat(0x7e,version()),0) or '
Successfully obtained the database version number
The text was updated successfully, but these errors were encountered: