CVE-2018-9108: QuickAppsCMS Cross-Site Request Forgery (CSRF)

CVSS Score: 8.8 (CVSS 3.0)

Basic Information

EPSS Score: 0.43027%
Published: 5/14/2022
Updated: 4/23/2024
KEV Status: No
Technology: PHP

Technical Details

CVSS Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Package Name    Ecosystem   Vulnerable Versions   First Patched Version
quickapps/cms   composer    = 2.0.0-beta2

Vulnerability Intelligence

Root Cause Analysis (Miggo AI)

The vulnerability manifests in the user creation endpoint's handler function. The provided PoC demonstrates successful admin account creation via a simple POST request without CSRF tokens. In MVC architectures, this would correspond to a controller action (likely add() in UserManageController) that failed to implement CSRF protection decorators/annotations or token validation checks before processing sensitive user creation operations.

WAF Protection Rules

WAF Rule

CSRF in `/admin/user/manage/add` in QuickAppsCMS 2.0.0-beta2 allows an unauthorized remote attacker to create an account with admin privileges.
