Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2019-9053 PoC — CMS Made Simple SQL注入漏洞

Source
https://github.com/louisthedonothing/CVE-2019-9053
Associated Vulnerability
Title:CMS Made Simple SQL注入漏洞 (CVE-2019-9053)
Description:An issue was discovered in CMS Made Simple 2.2.8. It is possible with the News module, through a crafted URL, to achieve unauthenticated blind time-based SQL injection via the m1_idlist parameter.
Description
CVE-2019-9053 rewritten in python3 to fix broken syntax. Affects CMS made simple <2.2.10
Readme
# CVE-2019-9053 (SQLI on CMS <=2.2.10

# Found by Daniele Scanu. Can be found [Here](https://www.exploit-db.com/exploits/46635)


##  Fixes the problem:  "File "/home/user/CVE-2019-9053", line 25
    print "[+] Specify an url target"
    ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
    SyntaxError: Missing parentheses in call to 'print'. Did you mean print(...)?", 
including all other incorrect printing syntax
File Snapshot

 [4.0K]  /data/pocs/00a625f5bd87d5388ba8d4144d1956657d73f79f
├── [6.3K]  46635.py
└── [ 403]  README.md

0 directories, 2 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.
    3. Mirroring, verifying, and maintaining this POC archive takes ongoing effort, so local snapshots are a paid feature. Your subscription keeps the archive online — thank you for the support. View subscription plans →