Exploitation Summary
EIP tracks 1 public exploit for CVE-2018-19135. PoCs published by Ameer Pornillos.
AI-analyzed exploit summary This PoC demonstrates a CSRF vulnerability in ClipperCMS 1.3.3, allowing an attacker to upload arbitrary files (e.g., a malicious HTML file) via a crafted POST request to the KCFinder file upload endpoint. The exploit leverages the lack of CSRF protection to perform actions on behalf of an authenticated user.
Description
ClipperCMS 1.3.3 does not have CSRF protection on its kcfinder file upload (enabled by default). This can be used by an attacker to perform actions for an admin (or any user with the file upload capability). With this vulnerability, one can automatically upload files (by default, it allows html, pdf, xml, zip, and many other file types). A file can be accessed publicly under the "/assets/files" directory.
Exploits (1)
This PoC demonstrates a CSRF vulnerability in ClipperCMS 1.3.3, allowing an attacker to upload arbitrary files (e.g., a malicious HTML file) via a crafted POST request to the KCFinder file upload endpoint. The exploit leverages the lack of CSRF protection to perform actions on behalf of an authenticated user.
References (2)
Scores
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H