SB2019030403 - Multiple vulnerabilities in PopojiCMS

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2019030403

SB2019030403 - Multiple vulnerabilities in PopojiCMS

Published: March 4, 2019

Security Bulletin ID SB2019030403
CSH Severity
Medium
Patch available
NO
Number of vulnerabilities 4
Exploitation vector Remote access
Highest impact Data manipulation

Breakdown by Severity

Medium 100%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 4 vulnerabilities.


1) Path traversal (CVE-ID: CVE-2018-18936)

The vulnerability allows a remote attacker to perform directory traversal attacks.

The vulnerability exists due to input validation error when processing directory traversal sequences within admin_library.php when processing data passed via the "id" parameter to "po-admin/route.php?mod=library&act=delete" URI. A remote administrator can send a specially crafted HTTP request and delete arbitrary files on the system.

Note, this vulnerability can be exploited via CSRF.


2) Cross-site request forgery (CVE-ID: CVE-2018-18935)

The vulnerability allows a remote attacker to perform cross-site request forgery attacks.

The vulnerability exists due to insufficient validation of the HTTP request origin in the "po-admin/route.php?mod=component&act=addnew" URI. A remote attacker can trick the victim to visit a specially specially crafted web page and perform arbitrary actions on behalf of the victim on the vulnerable website, such as adding a level=1 account.


3) Dangerous file upload (CVE-ID: CVE-2018-18934)

The vulnerability allows a remote attacker to upload dangerous files to the system.

The vulnerability exists due to insufficient validation of the uploaded files passed via the "fupload" parameter to "po-admin/route.php?mod=component&act=addnew" URI. A remote authenticated administrator can upload a .zip archive with .php file inside and execute it with privileges of the web server.

Note, this vulnerability can be exploited via CSRF attack.



4) Cross-site request forgery (CVE-ID: CVE-2019-9549)

The vulnerability allows a remote attacker to perform cross-site request forgery attacks.

The vulnerability exists due to insufficient validation of the HTTP request origin in the po-admin/route.php?mod=user&act=addnew URI. A remote attacker can trick the victim to visit a specially specially crafted web page and perform arbitrary actions on behalf of the victim on the vulnerable website, such as adding a level=1 account.


Remediation

Cybersecurity Help is not aware of any official remediation provided by the vendor.

References