Headline
CVE-2023-50073: EmpireCMS v7.5 SetEnews.php has sql injection vulnerability · Issue #7 · leadscloud/EmpireCMS
EmpireCMS v7.5 was discovered to contain a SQL injection vulnerability via the ftppassword parameter at SetEnews.php.
Brief of this vulnerability
EmpireCMS v7.5 has an SQL injection vulnerability when configuring FTP passwords
Test Environment
Windows10
PHP 5.4.45+Apache/2.4.39
Affect version
EmpireCMS 7.5
Vulnerable Code
e\admin\SetEnews.php line 353
Vulnerability display
First enter the background
Click to add and capture the packet
Modify parameters
payload:ftppassword=test’+and+(updatexml(1,concat(0x3a,(database())),1))+and’
Successfully obtained the database name