ZZCMS 2023 SQL Injection Vulnerability in Admin Wangkan List

A SQL injection vulnerability has been identified in ZZCMS 2023, specifically within the admin wangkan_list.php file. This vulnerability arises from improper handling of the keyword parameter, allowing remote attackers to manipulate SQL queries. Exploitation of this vulnerability is straightforward, with public proof-of-concept available.

Impact

Exploitation of this vulnerability allows for SQL injection, where an attacker can interfere with the application's database queries. This could lead to unauthorized data access, data manipulation, or in some cases, executing administrative operations on the database.

Reproduction

To reproduce this vulnerability, log into the backend system and navigate to the wangkan_list.php administration page. Once there, send a GET request to the wangkan_list.php file with a crafted keyword parameter that exploits the SQL injection vulnerability. The proof-of-concept demonstrates using a UNION SELECT payload to test for SQL injection, followed by a payload that writes a PHP shell to the server.