PbootCMS 2.0.7 - SQL Injection

What is the "PbootCMS 2.0.7 - SQL Injection?"

The "PbootCMS 2.0.7 - SQL Injection" module is designed to detect a SQL injection vulnerability in PbootCMS version 2.0.7. PbootCMS is a content management system that allows users to create and manage websites. This module focuses on identifying the SQL injection vulnerability in the system, which can potentially lead to unauthorized access, data manipulation, and execution of arbitrary code.

This vulnerability is classified as CWE-89 and has a CVSS score of 10, indicating its critical severity. It is important to address this vulnerability promptly to prevent potential exploitation.

Impact

If successfully exploited, the SQL injection vulnerability in PbootCMS 2.0.7 can have severe consequences. An attacker can potentially gain unauthorized access to the underlying database, retrieve sensitive information, modify data, and even execute arbitrary code. This can lead to data breaches, unauthorized access to user accounts, and potential compromise of the entire system.

How the module works?

The "PbootCMS 2.0.7 - SQL Injection" module works by sending HTTP requests to the target system and analyzing the responses for specific patterns. It specifically targets the "pbootcms.db" file, which is associated with the SQLite database used by PbootCMS.

One example of an HTTP request sent by this module is:

GET /data/pbootcms.db

The module then applies matching conditions to the response to determine if the SQL injection vulnerability is present. The matching conditions include checking for the presence of specific words like "PbootCMS" and "SQLite format 3" in the response body, as well as verifying that the response status is 200 (OK).

If the matching conditions are met, the module reports the vulnerability, indicating the presence of the SQL injection vulnerability in the target PbootCMS 2.0.7 installation.