Published: 12/05/2023 Updated: 25/05/2023

CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9

VMScore: 0

SQL injection vulnerability found in Maximilian Vogt companymaps (cmaps) v.8.0 allows a remote malicious user to execute arbitrary code via a crafted script in the request.

Vulnerable Product	Search on Vulmon	Subscribe to Product
companymaps project companymaps 8.0

Companymaps version 80 suffers from a remote SQL injection vulnerability ...

Exploit Title: Unauthenticated SQL injection Google Dork: Date: 27042023 Exploit Author: Lucas Noki (0xPrototype) Vendor Homepage: githubcom/vogtmh Software Link: githubcom/vogtmh/cmaps Version: 80 Tested on: Mac, Windows, Linux CVE : CVE-2023-29809 Description: The vulnerability found is an SQL injection The bookmap parameter is vulnerable When visitin

[ Web XPL ] :: [ CP 1 - Pesquisa Vulns Web & Hacker101 CTF ]

CTF: Micro-CMS v2, Moderate Nota-se uma aplicação web que cria páginas Aparentemente algumas vulnerabilidades que existiam no antigo sistema foram corrigidas, e um novo sistema de autenticação foi implementado Por meio da leitura de todas as páginas, não foi possível encontrar nada Acessar páginas que poderiam es

CWE-89 https://packetstormsecurity.com/files/172146/Companymaps-8.0-SQL-Injection.html https://www.exploit-db.com/exploits/51422 https://github.com/zPrototype/CVE-2023-29809 https://nvd.nist.gov https://github.com/zPrototype/CVE-2023-29809 https://github.com/arakakivl/xpl_cp1 https://packetstormsecurity.com/files/172146/Companymaps-8.0-SQL-Injection.html

CVE-2023-29809

Vulnerability Summary

Vulnerability Trend

Exploits

Github Repositories

References

Vulmon Search

About

Products

Connect