.. / CVE-2023-39796

Exploit for WBCE 1.6.0 - SQL Injection (CVE-2023-39796)

Description:

There is an sql injection vulnerability in “miniform module” which is a default module installed in the WBCE cms. It is an unauthenticated sqli so anyone could access it and takeover the whole database. In file “/modules/miniform/ajax_delete_message.php” there is no authentication check. On line 40 in this file, there is a DELETE query that is vulnerable, an attacker could jump from the query using the tick sign - `.

Nuclei Template

View the template here CVE-2023-39796.yaml

Validate with Nuclei

echo "$URL" | nuclei -t ~/nuclei-templates/http/cves/2023/CVE-2023-39796.yaml
Copy

References:

https://nvd.nist.gov/vuln/detail/CVE-2023-39796
https://github.com/WBCE/WBCE_CMS/releases/tag/1.6.1
https://pastebin.com/PBw5AvGp
https://forum.wbce.org/viewtopic.php?pid=42046#p42046