Description
SQL injection (SQLi) in MegaCMS v12.0.0, specifically in the “id_territorio” parameter of the “/web_comunications/cms/get_provincias” endpoint. The vulnerability arises from inadequate validation and sanitisation of user input. Specifically, via a POST request, the “id_territorio” parameter, used immediately after the registration form is submitted, could be manipulated by an unauthenticated attacker to execute arbitrary SQL queries.
Problem types
CWE-89 Improper neutralization of special elements used in an SQL command (‘SQL injection’)
Product status
12.0.0
Credits
Miguel Ovejero (Lapsor)
References
www.incibe.es/…ection-megacms-crm-sistemas-de-fidelizacion
