cve/2017/CVE-2017-8382.md

### [CVE-2017-8382](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8382)
![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)

### Description

admidio 3.2.8 has CSRF in adm_program/modules/members/members_function.php with an impact of deleting arbitrary user accounts.

### POC

#### Reference
- http://en.0day.today/exploit/27771
- https://github.com/Admidio/admidio/issues/612
- https://github.com/faizzaidi/Admidio-3.2.8-CSRF-POC-by-Provensec-llc
- https://www.exploit-db.com/exploits/42005/

#### Github
- https://github.com/faizzaidi/Admidio-3.2.8-CSRF-POC-by-Provensec-llc
Update Sun May 26 14:27:04 CEST 2024 2024-05-26 14:27:05 +02:00			`### [CVE-2017-8382](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8382)`
			`![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)`
			`![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)`
			`![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)`

			`### Description`

			`admidio 3.2.8 has CSRF in adm_program/modules/members/members_function.php with an impact of deleting arbitrary user accounts.`

			`### POC`

			`#### Reference`
			`- http://en.0day.today/exploit/27771`
			`- https://github.com/Admidio/admidio/issues/612`
			`- https://github.com/faizzaidi/Admidio-3.2.8-CSRF-POC-by-Provensec-llc`
			`- https://www.exploit-db.com/exploits/42005/`

			`#### Github`
Update CVE sources 2024-06-22 09:37 2024-06-22 09:37:59 +00:00			`- https://github.com/faizzaidi/Admidio-3.2.8-CSRF-POC-by-Provensec-llc`
Update Sun May 26 14:27:04 CEST 2024 2024-05-26 14:27:05 +02:00