Skip to content

Instantly share code, notes, and snippets.

@a3exodus
a3exodus / cmsmadesimple-exploit.py
Created April 17, 2023 18:44 — forked from kriss-u/cmsmadesimple-exploit.py
cmsmadesimple <= 2.2.9 SQL injection
#!/usr/bin/python3
# Exploit Title: Unauthenticated SQL Injection on CMS Made Simple <= 2.2.9
# Date: 30-03-2019
# Exploit Author: Daniele Scanu @ Certimeter Group
# Vendor Homepage: https://www.cmsmadesimple.org/
# Software Link: https://www.cmsmadesimple.org/downloads/cmsms/
# Version: <= 2.2.9
# Tested on: Ubuntu 18.04 LTS
# CVE : CVE-2019-9053
# Updated by Krishna Upadhyay for Python 3