Phorum – Full Disclosure



Reporter: VoidSec Security Team
Advisory: VoidSec-16-002
Date of contact: 03-03-16
2nd date of contact: 16-03-16
3rd date of contact: 04-04-16
Vendor last reply: 03-03-16
Date of public disclosure: 21-04-16
Product: Phorum Open Source PHP Forum Software
Version: 5.2.20


Download the Report [EN]

Introduction

The purpose of this project is to assess the security posture of some important aspects of the Phorum forum software.
Phorum is open source forum software with a penchant for speed. Phorum's very flexible hook and module system can satisfy every web master's needs.
During the web application security assessment of Phorum, VoidSec used primarily a grey-box approach, testing from the perspective of an external attacker who holds valid credentials, and identified the vulnerabilities listed below.

Vulnerabilities:

  • Stored Cross Site Scripting (XSS)
  • Cross Site Request Forgery (CSRF)
  • Missing Anti-CSRF token
  • Weak lock out mechanism
  • Weak password policy
  • Insecure Direct Object References
  • Upload of Unexpected File Types
  • Business Logic Data Validation
  • Weak password reset functionality
  • Cookie attributes issue
  • Remember password functionality

Team:

Mattia Reggiani – [email protected] – mattiareggiani.com
Federico Gerardi – AzraelSec – [email protected] – azraelsec.it
Matteo Papa – [email protected]
