The document describes multiple vulnerabilities in CMSQLITE v1.3.2, including a local file inclusion (LFI) vulnerability in mediaAdmin.php, a cross-site scripting (XSS) vulnerability, and multiple cross-site request forgery (CSRF) vulnerabilities. It provides proof-of-concept (PoC) examples for exploitation.
Classification
Writeup 90%
Attack Type
Other
Complexity
Trivial
Reliability
Theoretical
Target:CMSQLITE v1.3.2
No auth needed
Prerequisites:Access to the vulnerable CMSQLITE v1.3.2 instance