CVE-2018-3783

CRITICAL LAB

flintcms <= 1.1.9 - Blind MongoDB Injection in Password Reset

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2018-3783. PoCs published by nisaruj.

AI-analyzed exploit summary This repository contains a working PoC for CVE-2018-3783, a blind NoSQL injection vulnerability in FlintCMS 1.1.9. The exploit leverages regex-based injection in the password reset functionality to extract user emails and tokens.

Description

A privilege escalation detected in flintcms versions <= 1.1.9 allows account takeover due to blind MongoDB injection in password reset.

Exploits (1)

nomisec WORKING POC 4 stars

by nisaruj · poc

https://github.com/nisaruj/nosqli-flintcms

View Code ZIP pw:eip

This repository contains a working PoC for CVE-2018-3783, a blind NoSQL injection vulnerability in FlintCMS 1.1.9. The exploit leverages regex-based injection in the password reset functionality to extract user emails and tokens.

Classification

Working Poc 95%

Attack Type

Info Leak

Complexity

Moderate

Reliability

Reliable

Target: FlintCMS 1.1.9

No auth needed

Prerequisites: Docker environment · FlintCMS instance running on localhost:4000

MITRE ATT&CK

T1565.001 - Stored Data Manipulation

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (1)

Core 1

Core References

Exploit, Patch, Third Party Advisory x_refsource_misc

https://hackerone.com/reports/386807

Scores

CVSS v3 9.8

EPSS 0.0333

EPSS Percentile 87.6%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Lab Environment

COMMUNITY

Community Lab

docker pull mongo:4.2.23

https://github.com/nisaruj/nosqli-flintcms

View in Library

Details

CWE

CWE-89

Status published

Products (2)

flintcms/flintcms < 1.1.9

npm/flintcms 0 - 1.1.10npm

Published Aug 17, 2018

Tracked Since Feb 18, 2026