PPress Privilege Escalation Vulnerability via Session Cookie Forgery
Vulnerability
A privilege escalation vulnerability has been identified in PPress CMS version 0.0.9-beta. This issue arises from session fixation, allowing attackers to manipulate session cookies and gain administrative rights. The vulnerability exploits a default session key configuration, which can be used to forge session cookies and elevate user privileges.
Impact
Exploitation of this vulnerability allows normal users to gain administrative privileges on the PPress CMS.
Reproduction
To reproduce this vulnerability, first register a normal user account on a PPress CMS v0.0.9-beta installation. After logging in, capture the session cookie using a tool like Burp Suite. With the session cookie and knowledge of the default session key, use a Python script to decode the session cookie, modify it to impersonate an admin user, and then encode it back. Finally, replace the original session cookie with the forged one to gain admin access.
Vulnerability Rating
Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.