Vulners
Lucene search
Craft CMS 2.7.9/3.2.5 - Information Disclosure
🗓️ 02 Sep 2019 00:00:00Reported by Mohammed Abdul RaheemType 
exploitdb🔗 www.exploit-db.com👁 444 Views
| Reporter | Title | Published | Views | Family All 10 |
|---|---|---|---|---|
 | Craft CMS 2.7.9/3.2.5 - Information Disclosure Vulnerability | 3 Sep 201900:00 | – | zdt |
 | Craft CMS Information Disclosure Vulnerability (CNVD-2019-24876) | 26 Jul 201900:00 | – | cnvd |
 | CVE-2019-14280 | 26 Jul 201903:52 | – | cve |
 | CVE-2019-14280 | 26 Jul 201903:52 | – | cvelist |
 | Craft CMS 2.7.93.2.5 - Information Disclosure | 2 Sep 201900:00 | – | exploitpack |
 | CVE-2019-14280 | 26 Jul 201904:15 | – | nvd |
 | Craft CMS 2.7.9 / 3.2.5 Information Disclosure | 1 Sep 201900:00 | – | packetstorm |
 | Code injection | 26 Jul 201904:15 | – | prion |
 | CVE-2019-14280 | 22 May 202508:07 | – | redhatcve |
 | Information Leakage | 26 Jul 201909:28 | – | veracode |
10
# Exploit Title : CraftCms Users information disclosure From uploaded File
# Author [Discovered By] : Mohammed Abdul Raheem
# Author's [Company Name] : TrekShield IT Solution
# Author [Exploit-db] : https://www.exploit-db.com/?author=9783
# Found Vulnerability On : 20-07-2019
# Vendor Homepage:https://craftcms.com/
# Software Information Link: https://github.com/craftcms/demo
# Software Affected Versions : CraftCms v2 before 2.7.10 and CraftCmsv3 before 3.2.6
# Tested On : Windows and Linux
# Category : WebApps
# Exploit Risk : Medium
# Vulnerability Type : Sensitive information disclosure
# CVE : CVE-2019-14280
####################################################################
# Description about Software :
***************************
Craft is a flexible, user-friendly CMS for creating custom digital
experiences on the web and beyond.
####################################################################
# Vulnerability Description :
*****************************
When a user uploads an image in CraftCMS, the uploaded image's EXIF
Geolocation Data does not gets stripped. As a result, anyone can get
sensitive information of CraftCMS's users like their Geolocation,
their Device information like Device Name, Version, Software &
Software version used etc.
# Impact :
***********
This vulnerability is CRITICAL and impacts all the craft's customer
base. This vulnerability violates the privacy of a User and shares
sensitive information of the user who uploads an image on CraftCMS.
# Steps To Validate :
*********************
1. Login to CraftCMS account.
2. Go to endpoint https://demo.craftcms.com/<token>/s/admin/assets
3. Upload an image which has EXIF Geolocation Data in it.
4. Once the image is uploaded by CraftCMS and hosted on the server,
download the image file and check the File Properties. You can also
use a tool like to view user's information: https://www.pic2map.com
# ATTACHED POC :
****************
https://youtu.be/s-fTdu8R3bU
# More Information Can be find here :
*************************************
https://github.com/craftcms/cms/blob/develop/CHANGELOG-v3.md#326---2019-07-23
###################################################################
# Discovered By Mohammed Abdul Raheem from TrekShield.comData
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
02 Sep 2019 00:00Current
5.6Medium risk
Vulners AI Score5.6
CVSS 25
CVSS 35.3
EPSS0.15649