Giters

SchmidAlex / nex-forms_SQL-Injection-CVE-2023-2114

Quick Review about the SQL-Injection in the NEX-Forms Plugin for WordPress

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

nex-forms_SQL-Injection CVE-2023-2114

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2114

https://wpscan.com/vulnerability/3d8ab3a5-1bf8-4216-91fa-e89541e5c43d

Quick Review about the SQL-Injection in the NEX-Forms Plugin for WordPress

Uploaded exploit

Note that this uploaded exploit code isnt for this particular vulnerability... But this is an example how you could make an exploit for this issue.

Vulnerable Versions

From Version 8.3 (Maybe earlier too) till version 8.4

The SQL-Injection itself

The SQL-Injection is placed in the authenticated area from NEX-Forms. When you edit a form and want to safe it, your client sends a post-request to the server with some parameters.

One of those parameters is called 'table' which is vulnerable. There was no sanitizing or filtering.

Screenshots

request save-button sql_error database

About

Quick Review about the SQL-Injection in the NEX-Forms Plugin for WordPress

Languages

Language:HTML 100.0%