# CVE-2023-48863

**Repository Path**: NoBlake/cve-2023-48863

## Basic Information

- **Project Name**: CVE-2023-48863
- **Description**: CVE-2023-48863
- **Primary Language**: Unknown
- **License**: Not specified
- **Default Branch**: master
- **Homepage**: None
- **GVP Project**: No

## Statistics

- **Stars**: 0
- **Forks**: 0
- **Created**: 2023-11-30
- **Last Updated**: 2024-01-03

## Categories & Tags

**Categories**: Uncategorized

**Tags**: None

## README

# CVE-2023-48863

Products: SEMCMS PHP

Vulnerability type: Time blind injection

Vulnerability hazard: Sensitive database information can be obtained

## Details

At Site background directory SQL Injection exists for the ID paramter in SEMCMS_InquiryView.php,which is scanned and replicated using this project python script.

## Usage:

```python
python poc.py url "cookie"
```

example:

```python
python poc.py http://www.xxx.com/bJRbbi_Admin/SEMCMS_InquiryView.php "scusername=%E6%80%BB%E8%B4%A6%E5%8F%B7; scuseradmin=Admin; scuserpass=c4ca4238a0b923820dcc509a6f75849b"
```