The provided text describes multiple vulnerabilities in Energine CMS, including SQL injection, path disclosure, and CSRF. It includes PoC URLs and a form-based CSRF exploit but lacks executable code.
Classification
Writeup 90%
Attack Type
Sqli | Info Leak | Auth Bypass
Complexity
Trivial
Reliability
Theoretical
Target:Energine CMS 2.3.8 and prior
No auth needed
Prerequisites:Access to the target web application