vendor:
euploader_pro
by:
Milos Zivanovic
7.5
CVSS
HIGH
Permanent XSS and XSRF Vulnerabilities
352, 352, 79
CWE
Product Name: euploader_pro
Affected Version From: 3.1.2001
Affected Version To: 3.1.2001
Patch Exists: NO
Related CWE: N/A
CPE: a:euploaderpro:euploader_pro
Metasploit:
N/A
Other Scripts:
N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References:
N/A
Nuclei Metadata: N/A
Platforms Tested: PHP
2009
eUploader PRO 3.1.1 (XSRF/XSS) Multiple Vulnerabilities
On eUploader PRO script there is no cross site request forgery protection and we can use this to edit any user's profile and set him regular or master admin privileges, change email and password. The only thing required is ID of the user we want to edit. Additionally, this will remove uploaded file by its id and there is a permanent XSS vulnerability.
Mitigation:
Implement Cross-Site Request Forgery (CSRF) protection, validate user input and sanitize it, and use a Content Security Policy (CSP) to prevent XSS attacks.