CVE-2019-9053-Python3

Description

This is an updated 2023 version (adapted for Python3) of the Python2 exploit for CVE-2019-9053 created by Daniele Scanu @ Certimeter Group in 2019. All I did was adapt the code for Python3. All credit goes to Daniele Scanu for the original exploit.

Information	Description
Exploit Title	Unauthenticated SQL Injection on CMS Made Simple <= 2.2.9
Exploit Version	Python3
Date	10-15-2023
Author	Doc0x1
Vendor Homepage	https://www.cmsmadesimple.org/
Software Link	https://www.cmsmadesimple.org/downloads/cmsms/
Version	<= 2.2.9
Tested on	Ubuntu 18.04 LTS
CVE	CVE-2019-9053

Usage

Specify a target URI and optionally a wordlist for cracking the admin password.

Example usage (no cracking password):

python3 exploit.py -u http://target-uri

Example usage (with cracking password):

python3 exploit.py -u http://target-uri --crack -w /path-wordlist

Name		Name	Last commit message	Last commit date
Latest commit History 5 Commits
.gitignore		.gitignore
LICENSE		LICENSE
README.md		README.md
exploit.py		exploit.py
requirements.txt		requirements.txt

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

.gitignore

.gitignore

LICENSE

LICENSE

README.md

README.md

exploit.py

exploit.py

requirements.txt

requirements.txt

Repository files navigation

CVE-2019-9053-Python3

Description

Usage

Specify a target URI and optionally a wordlist for cracking the admin password.

Example usage (no cracking password):

Example usage (with cracking password):

About

Languages

License

Doc0x1/CVE-2019-9053-Python3

Folders and files

Latest commit

History

Repository files navigation

CVE-2019-9053-Python3

Description

Usage

Specify a target URI and optionally a wordlist for cracking the admin password.

Example usage (no cracking password):

Example usage (with cracking password):

About

Topics

Resources

License

Stars

Watchers

Forks

Languages