CVE-2021-33925

9.8 CRITICAL

📋 TL;DR

This CVE describes an SQL injection vulnerability in the login functionality of the cms-corephp project. The username and password submitted to the login form are placed into the authentication query without sanitization or parameterization, so an unauthenticated attacker can send a crafted login request that bypasses authentication and obtains the privileges of an existing account, including the administrator. Every installation running code through commit bdabe52ef282846823bda102728a35506d0ec8f9 (May 19, 2021) is affected.

💻 Affected Systems

Products:
  • cms-corephp
Versions: All versions through commit bdabe52ef282846823bda102728a35506d0ec8f9 (May 19, 2021)
Operating Systems: All
Default Config Vulnerable: ⚠️ Yes
Notes: The vulnerability is in the core authentication mechanism and affects all installations using the vulnerable code.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete compromise of the CMS installation with administrative access, allowing data theft, defacement, or installation of backdoors (for example a web shell uploaded through the admin interface).

🟠 Likely Case

Unauthenticated attackers gain administrative access to the CMS, enabling content manipulation and potential further compromise of the host.

🟢 If Mitigated

With the login query rewritten as a parameterized (prepared) statement, the injection is eliminated entirely. Input filtering or a WAF alone only raises the cost of exploitation and should be treated as a stopgap, not a fix.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

SQL injection in login forms is a well-known attack vector: a tautology payload in the username field is typically enough to bypass authentication, and generic tools such as sqlmap target exactly this pattern.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: No fixed release or fixing commit is identified in the advisory. Commit bdabe52ef282846823bda102728a35506d0ec8f9 is the latest commit known to be vulnerable at disclosure, so treat any code at or before it as vulnerable and confirm that a later commit actually rewrites the login query before relying on an update.

Vendor Advisory (GitHub issue in the project repository): https://github.com/nitinp1232/cms-corephp/issues/1

Restart Required: No

Instructions:

1. Pull the latest code from the cms-corephp GitHub repository and confirm that the login query no longer builds SQL from the submitted username and password.
2. Replace the vulnerable files in the deployed installation with the updated versions.
3. Verify the fix by logging in normally and by submitting a tautology payload in the username field; the payload must fail to authenticate and must not trigger a database error.

🔧 Temporary Workarounds

Input Validation Filter (all platforms)

Implement server-side validation of the login parameters (for example, rejecting quotes, comment sequences and SQL keywords in the username). This narrows the attack surface but does not remove the injection point; keep it only until the query is parameterized.

Web Application Firewall (all platforms)

Deploy a WAF with SQL injection rules in front of the login endpoint. WAF signatures can be evaded with encoding and comment tricks, so this is defence in depth rather than a substitute for the code fix.

🧯 If You Can't Patch

  • If you can edit the PHP but cannot pull upstream changes, rewrite the login query (and any other query that incorporates request data) as a prepared statement with bound parameters; this is the actual fix and removes the vulnerability regardless of upstream status
  • Restrict network access to the CMS login and administration pages using firewall rules or reverse-proxy allow-lists; the login form itself is the vulnerable endpoint, so restricting only the admin area does not help if the login page stays reachable
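The following is an added illustration, not code from cms-corephp, of the two login implementations contrasted throughout this page: one that interpolates the submitted username and password into the SQL string (the pattern behind this CVE) and one that binds them as parameters (the fix recommended above). The user table, its cleartext passwords and the account names are constructed for the demo; the project's real schema is not shown here. An in-memory SQLite database stands in for the CMS database.

```python
import sqlite3


def make_db():
    """Constructed stand-in for the CMS user table (not the project's schema).

    Passwords are stored in cleartext only to keep the demo short; a real
    application compares password hashes.
    """
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT, "
        "password TEXT, role TEXT)"
    )
    conn.execute(
        "INSERT INTO users (username, password, role) VALUES "
        "('admin', 'S3cret!', 'admin'), ('editor', 'pass', 'editor')"
    )
    return conn


def login_vulnerable(conn, username, password):
    """Login that concatenates untrusted input into SQL (vulnerable pattern).

    A username of  admin' OR '1'='1  turns the WHERE clause into
        username = 'admin' OR '1'='1' AND password = '...'
    which is true for the admin row whatever the password is.
    Returns (username, role) on success, None on failure.
    """
    sql = (
        "SELECT username, role FROM users WHERE username = '%s' AND password = '%s'"
        % (username, password)
    )
    return conn.execute(sql).fetchone()


def login_fixed(conn, username, password):
    """Same query with bound parameters (the fix).

    The driver sends the values separately from the SQL text, so the quote
    and OR in the payload are compared literally as a username and never
    reach the parser.
    """
    sql = "SELECT username, role FROM users WHERE username = ? AND password = ?"
    return conn.execute(sql, (username, password)).fetchone()


def demo():
    """Run both implementations against a legitimate login and a bypass payload."""
    conn = make_db()
    payload = "admin' OR '1'='1"
    return {
        "legit_vulnerable": login_vulnerable(conn, "admin", "S3cret!"),
        "bypass_vulnerable": login_vulnerable(conn, payload, "wrong"),
        "legit_fixed": login_fixed(conn, "admin", "S3cret!"),
        "bypass_fixed": login_fixed(conn, payload, "wrong"),
    }


if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name:18s} -> {result}")
```

Running the script shows the vulnerable version returning the admin row for the payload with a wrong password, while the parameterized version returns nothing for it and still accepts the genuine credentials. The same contrast applies to PHP's PDO or mysqli prepared statements, which is what the cms-corephp fix needs to use.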

🔍 How to Verify

Check if Vulnerable:

Your installation is vulnerable if it is based on commit bdabe52ef282846823bda102728a35506d0ec8f9 or any earlier commit and the login query has not been rewritten to use bound parameters.

Check Version:

Compare the checked-out commit (git log in the installation directory) against bdabe52ef282846823bda102728a35506d0ec8f9. Installations deployed from an archive without git history have no version marker to rely on; inspect the login code directly for SQL strings built from the submitted username and password.

Verify Fix Applied:

Submit a tautology payload (a single quote followed by OR '1'='1) in the username field with a wrong password. The fix is in place if the request fails to authenticate and the response contains no database error; a successful login or an SQL error message means the query is still being built from raw input.

📡 Detection & Monitoring

Log Indicators:

  • Login attempts whose username or password field contains SQL syntax (quotes followed by OR/AND, UNION SELECT, comment sequences such as -- or #)
  • Bursts of failed login attempts from a single IP, typical of an attacker probing payloads before one succeeds
  • A successful login immediately following such probes, particularly for the administrator account

Network Indicators:

  • HTTP POST requests to the login endpoint whose body contains SQL fragments such as UNION SELECT, a quote followed by OR, or comment sequences. Note that standard web-server access logs do not record POST bodies; body-level detection needs a reverse proxy, WAF or application log that captures request parameters.

SIEM Query:

source="web_logs" AND (uri="/login.php" OR uri="/admin/login") AND (request_body LIKE "%UNION%SELECT%" OR request_body LIKE "%'%OR%" OR request_body LIKE "%OR%1=1%")

The query is pseudo-syntax to be adapted to your SIEM. The URIs are illustrative and must be replaced with the installation's actual login path, and request_body is only populated when something in front of the CMS logs POST bodies. Matching on a bare SELECT or OR substring is avoided because ordinary field values (for example a password containing "or") would trigger it.
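As an added example (not part of the original page or the cms-corephp project), here is the detection logic behind the log indicators and the SIEM query above, run over a constructed JSON-lines log from a reverse proxy that records POST bodies. The log format, the IP addresses, the /login.php path and the use of HTTP 401 to mark a failed login are all assumptions for the demo; a real deployment would map these to its own proxy or application log. The patterns are word-bounded so that values such as "corvette" or "Doors2021" do not match on the substrings OR and SELECT.

```python
import json
import re
from collections import Counter
from urllib.parse import parse_qs, unquote_plus

# Constructed sample log (JSON lines) from a hypothetical reverse proxy that
# captures request bodies. Plain web-server access logs omit the body.
SAMPLE_LOG = """
{"ts":"2021-05-20T10:00:01Z","src_ip":"203.0.113.5","method":"POST","uri":"/login.php","status":302,"body":"username=admin%27+OR+%271%27%3D%271&password=x"}
{"ts":"2021-05-20T10:00:02Z","src_ip":"198.51.100.7","method":"POST","uri":"/login.php","status":200,"body":"username=corvette_fan&password=Doors2021"}
{"ts":"2021-05-20T10:00:03Z","src_ip":"203.0.113.5","method":"POST","uri":"/login.php","status":302,"body":"username=%27+UNION+SELECT+1%2C2%2C3--+&password="}
{"ts":"2021-05-20T10:00:04Z","src_ip":"198.51.100.9","method":"POST","uri":"/login.php","status":401,"body":"username=bob&password=wrong1"}
{"ts":"2021-05-20T10:00:05Z","src_ip":"198.51.100.9","method":"POST","uri":"/login.php","status":401,"body":"username=bob&password=wrong2"}
{"ts":"2021-05-20T10:00:06Z","src_ip":"198.51.100.9","method":"POST","uri":"/login.php","status":401,"body":"username=bob&password=wrong3"}
{"ts":"2021-05-20T10:00:07Z","src_ip":"198.51.100.9","method":"POST","uri":"/login.php","status":401,"body":"username=bob&password=wrong4"}
{"ts":"2021-05-20T10:00:08Z","src_ip":"198.51.100.9","method":"POST","uri":"/login.php","status":401,"body":"username=bob&password=wrong5"}
{"ts":"2021-05-20T10:00:09Z","src_ip":"192.0.2.10","method":"GET","uri":"/index.php","status":200,"body":""}
"""

# Assumed login endpoints; replace with the installation's real path.
LOGIN_PATHS = {"/login.php", "/admin/login"}

# Patterns require SQL shape rather than bare keywords to limit false positives.
SQLI_PATTERNS = [
    re.compile(r"'\s*(or|and)\b", re.I),                      # ' OR '1'='1 tautology
    re.compile(r"\bunion\b[\s/*]+(all\s+)?select\b", re.I),   # UNION SELECT
    re.compile(r"'\s*(--|#|/\*)"),                            # quote then comment
]


def decode_fields(body):
    """Split a form-encoded body into fields, decoding twice to catch double encoding."""
    return {
        name: unquote_plus(values[0])
        for name, values in parse_qs(body, keep_blank_values=True).items()
    }


def match_sqli(value):
    """Return the patterns a single field value matches (empty list if clean)."""
    return [p.pattern for p in SQLI_PATTERNS if p.search(value)]


def analyze(log_text, fail_statuses=(401, 403), fail_threshold=5):
    """Scan login POSTs for injection payloads and for per-IP failed-login bursts.

    Returns (sqli_alerts, bruteforce_ips) where sqli_alerts is a list of
    (src_ip, field_name, decoded_value) and bruteforce_ips lists sources with
    at least fail_threshold failed logins.
    """
    sqli_alerts = []
    failures = Counter()
    for line in log_text.strip().splitlines():
        rec = json.loads(line)
        if rec["method"] != "POST" or rec["uri"] not in LOGIN_PATHS:
            continue
        for name, value in decode_fields(rec["body"]).items():
            if match_sqli(value):
                sqli_alerts.append((rec["src_ip"], name, value))
        if rec["status"] in fail_statuses:
            failures[rec["src_ip"]] += 1
    bruteforce_ips = sorted(ip for ip, n in failures.items() if n >= fail_threshold)
    return sqli_alerts, bruteforce_ips


if __name__ == "__main__":
    alerts, brute = analyze(SAMPLE_LOG)
    for ip, field, value in alerts:
        print(f"SQLi payload from {ip} in field {field!r}: {value!r}")
    for ip in brute:
        print(f"Failed-login burst from {ip}")
```

Against the sample, the two payload-bearing requests from 203.0.113.5 are flagged on the username field after URL decoding, the legitimate "corvette_fan" login is not, and 198.51.100.9 is reported for five consecutive failures. Many CMS login handlers answer a failed login with 200 or a redirect rather than 401, so the failure criterion should be taken from the application's own authentication log where one exists.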
