CVE-2020-7356
CRITICAL
Cayintech Xpost - SQL Injection
Title source: ruleDescription
CAYIN xPost suffers from an unauthenticated SQL Injection vulnerability. Input passed via the GET parameter 'wayfinder_seqid' in wayfinder_meeting_input.jsp is not properly sanitized before being returned to the user or used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code and to execute SYSTEM commands.
Exploits (1)
metasploit | WORKING POC | EXCELLENT
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/http/cayin_xpost_sql_rce.rb
Scores
CVSS v3: 10.0
EPSS: 0.6151
EPSS Percentile: 98.3%
Attack Vector: NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N
Details
CWE: CWE-89
Status: published
Products (3)
cayintech/xpost 1.0
cayintech/xpost 2.0
cayintech/xpost 2.5.18103
Published: Aug 06, 2020
Tracked Since: Feb 18, 2026