Multiple vulnerabilities found in BigTree CMS 4.0 RC2 by HTB Security Research Lab.
SQL Injection in BigTree CMS: CVE-2013-4879 - exists due to insufficient sanitisation of user-supplied data passed to the "site/index.php" script. A remote unauthenticated attacker can execute arbitrary SQL commands in the application's database.
Cross-Site Request Forgery (CSRF) in BigTree CMS: CVE-2013-4881 - exists due to insufficient validation of the HTTP request origin. A remote attacker can create a malicious web page with a CSRF exploit, trick a logged-in administrator into opening that page, and create a new user with administrative privileges.
Cross-Site Scripting (XSS) in BigTree CMS: CVE-2013-4880 - exists due to insufficient filtering of user-supplied data in the "module" HTTP GET parameter passed to the "site/index.php/admin/developer/modules/views/add/" URL. A remote attacker can trick a logged-in administrator into opening a specially crafted link and execute arbitrary HTML and script code in the browser in the context of the vulnerable website.
To fix these vulnerabilities, follow the instructions on the researcher's page.
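For defenders reviewing web server access logs for signs of CVE-2013-4880, the following Python sketch (an added example, not code from the advisory or from BigTree CMS) flags requests to the URL named above whose "module" parameter decodes to markup characters. The log lines are constructed samples, and treating any markup character in "module" as suspicious is an assumption about what legitimate values look like.

```python
import re
from urllib.parse import urlsplit, parse_qs, unquote

# Path and parameter named in the advisory entry for CVE-2013-4880.
VULN_PATH = "/site/index.php/admin/developer/modules/views/add/"
PARAM = "module"
# Assumption: a legitimate "module" value never contains markup characters.
MARKUP = re.compile(r"[<>\"'`]")
# Request line inside a common/combined format access-log entry.
REQUEST = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')

# Constructed sample log lines (not taken from any real system).
SAMPLE_LOG = [
    '203.0.113.7 - - [01/Aug/2013:10:00:00 +0000] "GET /site/index.php/admin/developer/modules/views/add/?module=12 HTTP/1.1" 200 5120',
    '203.0.113.9 - - [01/Aug/2013:10:01:00 +0000] "GET /site/index.php/admin/developer/modules/views/add/?module=%22%3E%3Cscript%3E HTTP/1.1" 200 5188',
    '203.0.113.9 - - [01/Aug/2013:10:02:00 +0000] "GET /site/index.php/admin/developer/modules/views/add/?module=%253Cb%253E HTTP/1.1" 200 5190',
    '203.0.113.5 - - [01/Aug/2013:10:03:00 +0000] "GET /site/index.php/about/?module=%3Cb%3E HTTP/1.1" 200 900',
]


def suspicious_module_values(line):
    """Return decoded "module" values in this log line that carry markup."""
    m = REQUEST.search(line)
    if not m:
        return []
    url = urlsplit(m.group(1))
    # Compare case-insensitively, tolerate a missing trailing slash and
    # installs that live below a sub-directory.
    if not (url.path.lower().rstrip("/") + "/").endswith(VULN_PATH):
        return []
    hits = []
    for value in parse_qs(url.query, keep_blank_values=True).get(PARAM, []):
        # parse_qs decodes once; decode again to catch double encoding.
        decoded = unquote(value)
        if MARKUP.search(decoded):
            hits.append(decoded)
    return hits


def scan(lines):
    """Return (line_number, values) for every line that should be reviewed."""
    return [(n, v) for n, line in enumerate(lines, 1)
            if (v := suspicious_module_values(line))]


if __name__ == "__main__":
    for n, values in scan(SAMPLE_LOG):
        print(f"line {n}: module={values!r}")
```

A hit means only that the request deserves review; it does not show that the link was opened by a logged-in administrator.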