cbcvebase.
CVE-2021-3018
published 2021-01-05

CVE-2021-3018: ipeak Infosystems ibexwebCMS (aka IPeakCMS) 3.5 is vulnerable to an unauthenticated Boolean-based SQL injection via the id parameter on the /cms/print.php page.

PriorityP179critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
ITWEXPLOITVulnCheck KEV
Exploited in the wild
EPSS
19.51%
97.0th percentile
ipeak Infosystems ibexwebCMS (aka IPeakCMS) 3.5 is vulnerable to an unauthenticated Boolean-based SQL injection via the id parameter on the /cms/print.php page.

Affected

1 ranges
VendorProductVersion rangeFixed in
ipeakipeakcms

Detection & IOCsextracted from sources · hover to see the quote

path/cms/print.php
url/cms/print.php?id=1%20AND%207334=BENCHMARK(8000000,MD5(0x73636a72))
otherid=(SELECT (CASE WHEN(3104=3104) THEN 1 ELSE (SELECT 8458) END))
  • Fingerprint vulnerable IPeakCMS 3.5 instances by checking the login page at /cms/ for the string 'webCMS-3.5' in the body.
  • Confirm exploitation of the time-based BENCHMARK payload by checking for a response duration >= 8 seconds alongside HTTP 200 and the string 'onLoad="print();"' in the body.
  • FOFA query to discover exposed IPeakCMS 3.5 instances on the internet.
  • Detect exploitation attempts by monitoring GET requests to /cms/print.php containing SQL injection keywords such as BENCHMARK, CASE WHEN, or SELECT in the 'id' parameter.
  • ·Exploitation requires a valid numeric 'id' value that returns a page; attackers must first enumerate a valid ID (e.g., id=1) before injecting payloads.
  • ·The Nuclei template is marked as unverified (verified: false), so detection logic should be validated in a controlled environment before production deployment.
  • ·The time-based detection probe uses a 30-second timeout; network latency may cause false positives or false negatives when using duration-based detection.

CVSS provenance

nvdv3.19.8CRITICALCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvdv2.07.5HIGHAV:N/AC:L/Au:N/C:P/I:P/A:P
vulncheck9.8CRITICAL
vendor_redhat5.5MEDIUM
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.