Brief of this vulnerability
EmpireCMS v7.5 has sql injection vulnerability in adding advertisement category
Test Environment
- Windows10
- PHP 5.5.9+Apache/2.4.39
Affect version
EmpireCMS 7.5
Vulnerable Code
e\admin\tool\AdClass.php line 30
The variable $add passed in by the AddAdClass function is inserted into the sql statement without any filtering, resulting in a sql injection vulnerability
Vulnerability display
First enter the background
Click as shown,go to the ad management module
Click to add and capture the packet
Modify parameters
payload:add%5Bclassname%5D=2bob' or updatexml(1,concat(0x7e,version()),0) or '
Successfully obtained the database version number
Brief of this vulnerability
EmpireCMS v7.5 has sql injection vulnerability in adding advertisement category
Test Environment
Affect version
EmpireCMS 7.5
Vulnerable Code
e\admin\tool\AdClass.php line 30
The variable $add passed in by the AddAdClass function is inserted into the sql statement without any filtering, resulting in a sql injection vulnerability
Vulnerability display
First enter the background
Click as shown,go to the ad management module
Click to add and capture the packet
Modify parameters
payload:add%5Bclassname%5D=2bob' or updatexml(1,concat(0x7e,version()),0) or '
Successfully obtained the database version number