Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

CSRF Vulnerability exists in the file of Z-BLOG 1.5.2.1935 #201

Closed
Ppsoft1990 opened this issue Oct 29, 2018 · 2 comments
Closed

CSRF Vulnerability exists in the file of Z-BLOG 1.5.2.1935 #201

Ppsoft1990 opened this issue Oct 29, 2018 · 2 comments
Labels

Comments

@Ppsoft1990
Copy link

CSRF Vulnerability exists in the file of Z-BLOG 1.5.2.1935
官网下载的,版本1.5.2.1935
https://www.zblogcn.com/zblogphp/

一些文件可以直接访问会导致csrf_token泄漏。
例如当zb_users/plugin/AppCentre/theme.js.php被以js文件在script标签加载时,
在自己的页面,可以用这个js来操作自己的dom,这样就会间接泄漏csrftoken
image

同时后端对新建模版、新建插件正则似乎有点小问题。最终可能导致代码执行。
image
CSRF Vulnerability exists in the file of Z-BLOG 1.5.2.1935.docx

@zsxsoft
Copy link
Contributor

zsxsoft commented Oct 29, 2018

  1. CSRF Token泄漏问题收到,非常感谢!
  2. 后台本身就可代码执行,除非开启应用中心的“安全模式”。不过这个正则的确有毒……

@zsxsoft
Copy link
Contributor

zsxsoft commented Dec 25, 2018

2018-12-19,常规更新修复。非常感谢。

@zsxsoft zsxsoft closed this as completed Dec 25, 2018
@zsxsoft zsxsoft added the BUG label Jan 31, 2019
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Projects
None yet
Development

No branches or pull requests

2 participants