Babo96

Babo96 / gist:860aaeaf1dd3e6cb689a3991b895af34

Last active November 1, 2020 04:06 — forked from pdelteil/gist:6ebac2290a6fb33eea1af194485a22b1

CMS made simple SQL Injection

	#!/usr/bin/env python
	# Exploit Title: Unauthenticated SQL Injection on CMS Made Simple <= 2.2.9
	# Date: 30-03-2019
	# Exploit Author: Daniele Scanu @ Certimeter Group
	# Vendor Homepage: https://www.cmsmadesimple.org/
	# Software Link: https://www.cmsmadesimple.org/downloads/cmsms/
	# Version: <= 2.2.9
	# Tested on: Ubuntu 18.04 LTS
	# CVE : CVE-2019-9053