CVE-2021-32441

7.5 HIGH

📋 TL;DR

This SQL injection vulnerability in Exponent-CMS v2.6.0 allows attackers to execute arbitrary SQL commands via the selectValue function in the expConfig class. Attackers can potentially access, modify, or delete sensitive database information. All users running Exponent-CMS v2.6.0 are affected.

💻 Affected Systems

Products:
  • Exponent-CMS
Versions: v2.6.0
Operating Systems: All platforms running Exponent-CMS
Default Config Vulnerable: ⚠️ Yes
Notes: All installations of Exponent-CMS v2.6.0 are vulnerable regardless of configuration.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete database compromise including data exfiltration, modification, or deletion; potential privilege escalation to administrative access; possible remote code execution if database functions allow it.

🟠 Likely Case

Unauthorized access to sensitive information stored in the database such as user credentials, personal data, or configuration secrets.

🟢 If Mitigated

Limited impact with proper input validation and parameterized queries preventing SQL injection; database permissions limiting damage scope.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Public proof-of-concept demonstrates exploitation; SQL injection vulnerabilities are commonly weaponized in automated attacks.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: v2.7.0

Vendor Advisory: https://github.com/exponentcms/exponent-cms/issues/1542

Restart Required: No

Instructions:

1. Back up your database and files.
2. Download Exponent-CMS v2.7.0 or later.
3. Replace all files with the new version.
4. Run any database update scripts if provided.
5. Verify functionality.

🔧 Temporary Workarounds

Input Validation Filter

all

Implement strict input validation for all parameters passed to the selectValue function

WAF Rule

all

Deploy web application firewall rules to block SQL injection patterns

🧯 If You Can't Patch

  • Implement network segmentation to isolate the vulnerable system
  • Deploy database monitoring to detect SQL injection attempts

🔍 How to Verify

Check if Vulnerable:

Check Exponent-CMS version in admin panel or by examining the version.php file

Check Version:

grep -r "EXPONENT_VERSION" /path/to/exponent-cms/

Alternatively, check the admin dashboard.

Verify Fix Applied:

Confirm version is 2.7.0 or higher and test selectValue function with malicious inputs

📡 Detection & Monitoring

Log Indicators:

  • Unusual SQL error messages in application logs
  • Multiple failed SQL queries from single IP
  • Suspicious parameter values in HTTP requests

Network Indicators:

  • SQL keywords in HTTP parameters (SELECT, UNION, etc.)
  • Unusual database connection patterns

SIEM Query:

source="web_logs" AND ("selectValue" OR "expConfig") AND (sql OR union OR select)
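
The log and network indicators above (SQL keywords in HTTP parameters, repeated failing requests from one IP) can also be checked offline against a web server access log. This is an added example, not code from Exponent-CMS or the vendor advisory; the log lines, the parameter names (`item`, `title`, `q`) and the repeat threshold are constructed assumptions.

```python
import re
from collections import defaultdict
from urllib.parse import parse_qsl, unquote_plus, urlsplit

# Constructed access-log lines (combined log format, documentation-range IPs).
SAMPLE_LOG = """\
198.51.100.7 - - [12/May/2021:10:01:02 +0000] "GET /index.php?title=union+news HTTP/1.1" 200 5120
203.0.113.9 - - [12/May/2021:10:01:05 +0000] "GET /index.php?item=1%27+UNION+SELECT+1%2C2--+- HTTP/1.1" 500 312
203.0.113.9 - - [12/May/2021:10:01:06 +0000] "GET /index.php?item=1%2527%2520or%25201%253D1 HTTP/1.1" 500 298
192.0.2.44 - - [12/May/2021:10:02:11 +0000] "GET /index.php?q=select+a+plan HTTP/1.1" 200 4410
"""

LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "\S+ (\S+) [^"]*" (\d{3})')
# SQL syntax that ordinary parameter values should not contain. Single keywords
# such as "union" or "select" alone are not matched, to limit false positives.
SQLI_RE = re.compile(
    r"\bunion\b.+\bselect\b|\bselect\b.+\bfrom\b|information_schema"
    r"|'\s*(?:or|and)\b|--(?:\s|$)|/\*|\bsleep\s*\(",
    re.IGNORECASE | re.DOTALL,
)

def suspicious_params(url):
    """Return (name, decoded value) pairs whose value contains SQL syntax."""
    hits = []
    for name, value in parse_qsl(urlsplit(url).query, keep_blank_values=True):
        # parse_qsl decodes once; decode again to catch %2527-style double encoding.
        decoded = unquote_plus(value)
        if SQLI_RE.search(decoded):
            hits.append((name, decoded))
    return hits

def scan(lines, threshold=2):
    """Return ({ip: [(status, param, value), ...]}, [ips with >= threshold hits])."""
    findings = defaultdict(list)
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue  # not an access-log line we understand
        ip, url, status = m.groups()
        for name, value in suspicious_params(url):
            findings[ip].append((int(status), name, value))
    repeat = sorted(ip for ip, hits in findings.items() if len(hits) >= threshold)
    return dict(findings), repeat

if __name__ == "__main__":
    findings, repeat = scan(SAMPLE_LOG.splitlines())
    for ip, hits in findings.items():
        print(ip, "REPEAT" if ip in repeat else "", hits)
```

The recorded status code lets an analyst separate requests that produced server errors from those that returned normally, which matters when deciding which hits to investigate first.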
