https://pwnwiki.com/index.php?action=history&feed=atom&title=CVE-2021%E2%80%9327673_Zenario_CMS_8.8.52729_SQL%E6%B3%A8%E5%85%A5%E6%BC%8F%E6%B4%9E
CVE-2021–27673 Zenario CMS 8.8.52729 SQL注入漏洞 - Revision history
2026-04-15T10:46:21Z
Revision history for this page on the wiki
MediaWiki 1.35.1
https://pwnwiki.com/index.php?title=CVE-2021%E2%80%9327673_Zenario_CMS_8.8.52729_SQL%E6%B3%A8%E5%85%A5%E6%BC%8F%E6%B4%9E&diff=4792&oldid=prev
Pwnwiki: Marked this version for translation
2021-06-12T01:24:11Z
<p>Marked this version for translation</p>
<table class="diff diff-contentalign-left diff-editfont-monospace" data-mw="interface">
<col class="diff-marker" />
<col class="diff-content" />
<col class="diff-marker" />
<col class="diff-content" />
<tr class="diff-title" lang="chinese">
<td colspan="2" style="background-color: #fff; color: #202122; text-align: center;">← Older revision</td>
<td colspan="2" style="background-color: #fff; color: #202122; text-align: center;">Revision as of 01:24, 12 June 2021</td>
</tr><tr><td colspan="2" class="diff-lineno" id="mw-diff-left-l2" >Line 2:</td>
<td colspan="2" class="diff-lineno">Line 2:</td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"></td><td class='diff-marker'> </td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div><translate></div></td><td class='diff-marker'> </td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div><translate></div></td></tr>
<tr><td class='diff-marker'>−</td><td style="color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div>==影響版本==</div></td><td class='diff-marker'>+</td><td style="color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>==影響版本== <ins class="diffchange diffchange-inline"><!--T:1--></ins></div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div></translate></div></td><td class='diff-marker'> </td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div></translate></div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>Version: 8.8.52729</div></td><td class='diff-marker'> </td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>Version: 8.8.52729</div></td></tr>
<!-- diff cache key pwn_wiki:diff::1.12:old-4788:rev-4792 -->
</table>
Pwnwiki
https://pwnwiki.com/index.php?title=CVE-2021%E2%80%9327673_Zenario_CMS_8.8.52729_SQL%E6%B3%A8%E5%85%A5%E6%BC%8F%E6%B4%9E&diff=4788&oldid=prev
Pwnwiki: Created page with "<languages /> <translate> ==影響版本== </translate> Version: 8.8.52729 ==EXP== <pre> # Exploit Title: Zenario CMS 8.8.52729 - 'cID' Blind & Error based SQL injection (A..."
2021-06-12T01:22:51Z
<p>Created page with "<languages /> <translate> ==影響版本== </translate> Version: 8.8.52729 ==EXP== <pre> # Exploit Title: Zenario CMS 8.8.52729 - 'cID' Blind & Error based SQL injection (A..."</p>
<p><b>New page</b></p><div><languages /><br />
<br />
<translate><br />
==影響版本==<br />
</translate><br />
Version: 8.8.52729<br />
<br />
<br />
==EXP==<br />
<pre><br />
# Exploit Title: Zenario CMS 8.8.52729 - 'cID' Blind & Error based SQL injection (Authenticated)<br />
# Date: 05–02–2021<br />
# Exploit Author: Avinash R<br />
# Vendor Homepage: https://zenar.io/<br />
# Software Link: https://github.com/TribalSystems/Zenario/releases/tag/8.8<br />
# Version: 8.8.52729<br />
# Tested on: Windows 10 Pro (No OS restrictions)<br />
# CVE : CVE-2021–27673<br />
# Reference: https://deadsh0t.medium.com/blind-error-based-authenticated-sql-injection-on-zenario-8-8-52729-cms-d4705534df38<br />
<br />
##### Step To Reproduce #####<br />
<br />
1) Login to the admin page of Zenario CMS with admin credentials, which is<br />
http://server_ip/zenario/admin.php<br />
<br />
2) Click on, New → HTML page to create a new sample page and intercept it<br />
with your interceptor.<br />
<br />
3) Just a single quote on the 'cID' parameter will confirm the SQL<br />
injection.<br />
<br />
4) After confirming that the 'cID' parameter is vulnerable to SQL<br />
injection, feeding the request to SQLMAP will do the rest of the work for<br />
you.<br />
<br />
############ End ############<br />
</pre></div>
Pwnwiki