CVE-2023-29809
published 2023-05-12CVE-2023-29809: SQL injection vulnerability found in Maximilian Vogt companymaps (cmaps) v.8.0 allows a remote attacker to execute arbitrary code via a crafted script in the…
PriorityP269critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
EXPLOIT
EPSS
10.51%
95.2th percentile
SQL injection vulnerability found in Maximilian Vogt companymaps (cmaps) v.8.0 allows a remote attacker to execute arbitrary code via a crafted script in the request.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| companymaps_project | companymaps | — | — |
Detection & IOCsextracted from sources · hover to see the quote
- →Monitor HTTP requests to /rest/booking/index.php for SQL injection patterns in the `bookmap` parameter, particularly time-based blind payloads containing sleep() or select*from constructs. ↗
- →Alert on the specific time-based blind SQLi payload pattern `'-(select*from(select+sleep(` appearing in the `bookmap` query parameter. ↗
- →Detect sqlmap automated exploitation attempts against /rest/booking/index.php indicated by --random-agent usage; correlate with anomalous response times (e.g., ~2 second delays) on that endpoint. ↗
- →Watch for the server-side error message `mysqli_num_rows() expects parameter 1 to be mysqli_result, bool given` in application logs, which indicates a malformed SQL query triggered via the bookmap parameter. ↗
- ·The exploit targets LDAP credentials stored in the database; successful exploitation via sqlmap --dump may exfiltrate these credentials, broadening the blast radius beyond the web application. ↗
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No writeups or analysis indexed.
https://github.com/zPrototype/CVE-2023-29809https://packetstormsecurity.com/files/172146/Companymaps-8.0-SQL-Injection.htmlhttps://www.exploit-db.com/exploits/51422https://github.com/zPrototype/CVE-2023-29809https://packetstormsecurity.com/files/172146/Companymaps-8.0-SQL-Injection.htmlhttps://www.exploit-db.com/exploits/51422
2023-05-12
Published