Описание
A SQL Injection vulnerability in get_topic_info() in sys/CODOF/Forum/Topic.php in Codoforum before 4.9 allows remote attackers (pre-authentication) to bypass the admin page via a leaked password-reset token of the admin. (As an admin, an attacker can upload a PHP shell and execute remote code on the operating system.)
A SQL Injection vulnerability in get_topic_info() in sys/CODOF/Forum/Topic.php in Codoforum before 4.9 allows remote attackers (pre-authentication) to bypass the admin page via a leaked password-reset token of the admin. (As an admin, an attacker can upload a PHP shell and execute remote code on the operating system.)
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2020-13873
- https://blog.sonarsource.com/codoforum-4.8.7-critical-code-vulnerabilities-explained
- https://community.sonarsource.com/c/announce/stories/23
- https://community.sonarsource.com/t/codoforum-4-8-7-critical-code-vulnerabilities-explained/28297
- https://github.com/SmashITs
- https://twitter.com/sonarsource/status/1300818196090384384
- http://codologic.com/forum
Связанные уязвимости
A SQL Injection vulnerability in get_topic_info() in sys/CODOF/Forum/Topic.php in Codoforum before 4.9 allows remote attackers (pre-authentication) to bypass the admin page via a leaked password-reset token of the admin. (As an admin, an attacker can upload a PHP shell and execute remote code on the operating system.)
Уязвимость функции get_topic_info() (sys/CODOF/Forum/Topic.php) программного средства для создания форумов Codoforum, позволяющая нарушителю выполнить произвольный код