CVE-2018-19135

Published: Nov 11, 2018Modified: Nov 21, 2024

8.8

Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Exploitability: 2.8 / Impact: 5.9

Source: NVD

Description

ClipperCMS 1.3.3 does not have CSRF protection on its kcfinder file upload (enabled by default). This can be used by an attacker to perform actions for an admin (or any user with the file upload capability). With this vulnerability, one can automatically upload files (by default, it allows html, pdf, xml, zip, and many other file types). A file can be accessed publicly under the "/assets/files" directory.

Affected (1)

Products: Clippercms: Clippercms

1 product

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Clippercms Clippercms	Version 1.3.3

Related CWEs

Cross-Site Request Forgery (CSRF)

The web application does not, or can not, sufficiently verify whether a well-formed, valid, consistent request was intentionally provided by the user who submitted the request.

References (4)

https://github.com/ClipperCMS/ClipperCMS/issues/494

Source: cve@mitre.org

ExploitIssue TrackingThird Party Advisory

https://www.exploit-db.com/exploits/45839/

Source: cve@mitre.org

ExploitThird Party AdvisoryVDB Entry

https://github.com/ClipperCMS/ClipperCMS/issues/494

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitIssue TrackingThird Party Advisory

https://www.exploit-db.com/exploits/45839/

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitThird Party AdvisoryVDB Entry

Timeline

No history available yet.