Ananta Gazelle CMS – Update Statement SQL Injection
This SQL injection vulnerability allows an attacker to update the username and password of the admin user in Ananta Gazelle CMS. The flaw is in the 'forgot.php' page, where a user submits a form to set a new activation key for their account. The vulnerable code does not properly sanitize the user input before it is used in the SQL UPDATE statement, so an attacker can modify the query and set arbitrary values for the admin username and password. It is exploited by sending a specially crafted POST request to 'forgot.php' with the desired values for the username and password. The exploit changes the username to '1' and the password to '1' by copying the value of a default column in the 'users' table, which gives the attacker administrative access to the CMS.
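The fix for this class of bug is to keep request data out of the statement text. The following is an added example, not Ananta Gazelle's code: the column names (`name`, `pass`, `email`, `activate`), the function names and the in-memory SQLite database are assumptions made so that the script runs on its own.

```php
<?php
// Added example: hypothetical schema and function names, not Ananta Gazelle's code.
// In-memory SQLite stands in for the CMS database so the script runs offline.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT, pass TEXT,
                               email TEXT, activate TEXT)');
// Constructed sample rows.
$seed = $db->prepare('INSERT INTO users (name, pass, email, activate) VALUES (?, ?, ?, ?)');
$seed->execute(['admin', 'constructed-hash-1', 'admin@example.test', '']);
$seed->execute(['obrien', 'constructed-hash-2', "o'brien@example.test", '']);

// Risky pattern, shown only as a comment: request data concatenated into the
// statement, so a quote in the input ends the string literal early.
//   "UPDATE users SET activate = '$key' WHERE email = '$email'"

function set_activation_key(PDO $db, string $email): ?string
{
    // The key is generated server-side; nothing from the request reaches SET.
    $key = bin2hex(random_bytes(16));
    // Placeholders keep the statement text fixed; values travel separately.
    $stmt = $db->prepare('UPDATE users SET activate = :key WHERE email = :email');
    $stmt->execute([':key' => $key, ':email' => $email]);
    return $stmt->rowCount() === 1 ? $key : null;
}

function snapshot(PDO $db, int $id): array
{
    $q = $db->prepare('SELECT name, pass, activate FROM users WHERE id = ?');
    $q->execute([$id]);
    return $q->fetch(PDO::FETCH_ASSOC);
}

$adminBefore = snapshot($db, 1);
// Constructed input containing a quote character: matched as data, not parsed.
$key = set_activation_key($db, "o'brien@example.test");
var_dump($key === snapshot($db, 2)['activate']);  // checks the target row holds the new key
var_dump($adminBefore === snapshot($db, 1));      // checks the admin row was not modified
var_dump(set_activation_key($db, 'nobody@example.test') === null); // checks an unknown address updates nothing
```

Against MySQL through PDO, also set `PDO::ATTR_EMULATE_PREPARES` to `false` so the driver sends the statement and its values to the server separately.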