Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

EyouCMS v1.5.9 has a vulnerability, Cross-site request forgery(CSRF) #29

Closed
h18192h opened this issue Oct 27, 2022 · 1 comment
Closed

Comments

@h18192h
Copy link

h18192h commented Oct 27, 2022

EyouCMS v1.5.9 has a vulnerability, Cross-site request forgery(CSRF).Located in the backend, member center, edit member profile. To exploit this vulnerability, a constructed HTML file needs to be opened

  1. Enter the background - > member center - > edit members - > basic information
    图片1
    图片2
  2. Construct a request package to modify the membership level and login password, among other basic information
    图片3
    The figure above shows the constructed web code, and the password is changed to "csrftest" through CSRF, and the membership level is changed to premium membership (100 days).
  3. View profile
    图片4
    In this case, the password is "test01" and the membership level is registered member
  4. Click on the constructed web page
    图片5
    Return to the client refresh page to log in to test01 again, the password has been changed to "csrftest", and the membership level has been changed to premium membership
    图片6
    图片7
    图片8
    At this point the password has been changed to "csrftest"
    The client views personal information:
    图片9
    View the test01 user's profile in the background:
    图片10
@weng-xianhu
Copy link
Owner

已修复,将在v1.6.2版本发布

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants