Phorum – Full Disclosure

Reporter: VoidSec Security Team
Advisory: VoidSec-16-002
Date of contact: 03-03-16
2nd date of contact: 16-03-16
3rd date of contact: 04-04-16
Vendor last reply: 03-03-16
Date of public disclosure: 21-04-16
Product: Phorum Open Source PHP Forum Software
Version: 5.2.20

Download the Report [EN]

Introduction

The purpose of this project is to assess the security posture of several important aspects of the Phorum forum software.
Phorum is open source forum software with a penchant for speed. Phorum’s very flexible hook and module system can satisfy every web master’s needs.
During the web application security assessment of Phorum, VoidSec tested the following systems using primarily a grey-box approach, checking security from the perspective of an external attacker who holds valid credentials.

Vulnerabilities:

  • Stored Cross Site Scripting (XSS)
  • Cross Site Request Forgery (CSRF)
  • Missing Anti-CSRF token
  • Weak lock out mechanism
  • Weak password policy
  • Insecure Direct Object References
  • Upload of Unexpected File Types
  • Business Logic Data Validation
  • Weak password reset functionality
  • Cookie attributes issue
  • Remember password functionality

Team:

Mattia Reggiani – info@mattiareggiani.com – mattiareggiani.com
Federico Gerardi – AzraelSec – federicogerardi94@gmail.com – azraelsec.it
Matteo Papa – matteopapa93@gmail.com