CVE-2019-18873

Published: 12/11/2019 Updated: 15/11/2019
CVSS v2 Base Score: 8.5 | Impact Score: 10 | Exploitability Score: 6.8
CVSS v3 Base Score: 9 | Impact Score: 6 | Exploitability Score: 2.3
VMScore: 855
Vector: AV:N/AC:M/Au:S/C:C/I:C/A:C

Vulnerability Summary

FUDForum 3.0.9 is vulnerable to stored XSS via the User-Agent HTTP header, which may result in remote code execution. An attacker with an ordinary user account can fully compromise the system via a GET request: the User-Agent value is stored and, when the admin views the user's information under "User Manager" in the control panel, the payload executes in the admin's browser. This allows PHP files to be written to the web root and code to be executed on the remote server. The affected files are admsession.php and admuser.php.

Vulnerable Product

fudforum fudforum 3.0.9

Exploits

# Exploit Title: FUDForum 3.0.9 - Remote Code Execution
# Date: 2019-10-26
# Exploit Author: liquidsky (JMcPeters)
# Vulnerable Software: FUDForum 3.0.9
# Vendor Homepage: sourceforge.net/projects/fudforum/
# Version: 3.0.9
# Software Link: sourceforge.net/projects/fudforum/files/FUDforum_3.0.9.zip/download
# Tested On: Windows / m ...

FUDForum version 3.0.9 suffers from remote code execution and stored cross-site scripting vulnerabilities ...

Github Repositories

FUDForum 3.0.9 - XSS / Remote Code Execution (CVE-2019-18873, CVE-2019-18839)

FUDforum-XSS-RCE: Multiple stored XSS vulnerabilities have been found in FUDforum 3.0.9 that can result in remote code execution.
Stored XSS via username in forum
Stored XSS via User-Agent in admin panel