Maccms10 SQL Injection Vulnerability in Database Controller
Vulnerability
A SQL injection vulnerability has been identified in Maccms10 version 2025.1000.4050. The issue arises in the 'rep' function of 'application/admin/controller/Database.php', where the 'where' parameter is not properly sanitized. This flaw allows an administrator to execute arbitrary SQL queries. The vulnerability can be exploited remotely, and a public exploit is available.
Impact
Exploitation of this vulnerability allows for SQL injection, where an attacker can manipulate SQL queries to the database. This could lead to unauthorized data access, data manipulation, or in some cases, executing administrative operations on the database.
Reproduction
To reproduce this vulnerability, an authenticated administrator can send a request to the 'rep' function in the 'Database.php' controller. The 'where' parameter should be manipulated with unsanitized input, which will be processed by the application and executed as part of an SQL query. This exploitation can be automated with the available public exploit.
Vulnerability Rating
Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.