mirror of
https://github.com/0xMarcio/cve.git
synced 2025-05-07 11:06:19 +00:00
1.1 KiB
1.1 KiB
CVE-2020-5776
&color=brighgreen)
Description
Currently, all versions of MAGMI are vulnerable to CSRF due to the lack of CSRF tokens. RCE (via phpcli command) is possible in the event that a CSRF is leveraged against an existing admin session for MAGMI.
POC
Reference
- https://www.tenable.com/security/research/tra-2020-51
- https://www.tenable.com/security/research/tra-2020-51
Github
- https://github.com/404notf0und/CVE-Flow
- https://github.com/ARPSyndicate/cvemon
- https://github.com/ARPSyndicate/kenzer-templates
- https://github.com/Elsfa7-110/kenzer-templates
- https://github.com/alphaSeclab/sec-daily-2020
- https://github.com/merlinepedra/nuclei-templates
- https://github.com/merlinepedra25/nuclei-templates
- https://github.com/sobinge/nuclei-templates