CVE-2020-10560

MEDIUM LAB

OSSN <5.3 - Info Disclosure


Description

An issue was discovered in Open Source Social Network (OSSN) through 5.3. A user-controlled file path with a weak cryptographic rand() can be used to read any file with the permissions of the webserver. This can lead to further compromise. The attacker must conduct a brute-force attack against the SiteKey to insert into a crafted URL for components/OssnComments/ossn_com.php and/or libraries/ossn.lib.upgrade.php.

Exploits (3)

- nomisec, working PoC, 8 stars, by kevthehermit (poc): https://github.com/kevthehermit/CVE-2020-10560
- nomisec, working PoC, 3 stars, by alex-seymour (poc): https://github.com/alex-seymour/CVE-2020-10560-Key-Recovery
- inthewild, working PoC (poc): https://github.com/lucidunicorn/cve-2020-10560-key-recovery

Scores

CVSS v3: 5.9
EPSS: 0.0606
EPSS Percentile: 90.8%
Attack Vector: NETWORK
Vector string: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

Details

CWE: CWE-338
Status: published
Products (1): opensource-socialnetwork/open_source_social_network < 5.3
Published: Mar 30, 2020
Tracked Since: Feb 18, 2026