Phorum – Full Disclosure
| Field | Value |
|---|---|
| Reporter | VoidSec Security Team |
| Date of contact (DD-MM-YY) | 03-03-16 |
| 2nd date of contact | 16-03-16 |
| 3rd date of contact | 04-04-16 |
| Vendor last reply | 03-03-16 |
| Date of public disclosure | 21-04-16 |
| Product | Phorum Open Source PHP Forum Software |
This report summarises an assessment of the security posture of selected components of the Phorum forum software.
Phorum is open-source PHP forum software that the project describes as built for speed, with a flexible hook and module system intended to cover most web masters' needs.
VoidSec carried out the web application assessment primarily as a grey-box test, from the perspective of an external attacker holding valid (non-administrative) user credentials, and identified issues in the following classes:
- Stored Cross-Site Scripting (XSS)
- Cross-Site Request Forgery (CSRF)
- Missing anti-CSRF token
- Weak lockout mechanism
- Weak password policy
- Insecure Direct Object References (IDOR)
- Upload of unexpected file types
- Business logic data validation
- Weak password reset functionality
- Cookie attribute issues
- "Remember password" functionality