[-------------------------------------------------------------------------------------------------]
[ Title: Chipmunk Newsletter CSRF Vulnerabilities ]
[ Author: Milos Zivanovic ]
[ Date: 11. December 2009. ]
[-------------------------------------------------------------------------------------------------]

[-------------------------------------------------------------------------------------------------]
[ Application: Chipmunk Newsletter ]
[ Version: the only one there is ]
[ Download: http://www.chipmunk-scripts.com/newsletter/newsletter.zip ]
[ Vulnerability: Cross Site Request Forgery ]
[-------------------------------------------------------------------------------------------------]

I've noticed one XSS exploit was found by someone else, so I decided to check it a little bit more and I found some sweet CSRF exploits in the admin panel.

[#]Content
|--CSRF Delete Email List (also will remove all mails subscribed to this list)
|--CSRF Clear Queue (Set all send to zero?)
|--CSRF Send letter (this will mass mail all mails in database)
|--CSRF Delete Email by ID

[-]CSRF Delete Email List (also will remove all mails subscribed to this list)
[EXPLOIT------------------------------------------------------------------------------------------]
[EXPLOIT------------------------------------------------------------------------------------------]

[-]CSRF Clear Queue (Set all send to zero?)
[EXPLOIT------------------------------------------------------------------------------------------]
[EXPLOIT------------------------------------------------------------------------------------------]

[-]CSRF Send letter (this will mass mail all mails in database)
[EXPLOIT------------------------------------------------------------------------------------------]
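The common root cause of all four issues above is that the admin panel performs state-changing actions (deleting a list, clearing the queue, mass-mailing, deleting an address) on any request that arrives with the admin's session cookie, with nothing in the request that a third-party page could not forge. The example below is added here and is not Chipmunk Newsletter's own code; it models those four actions as a small dispatch table (the action names, the `Session`/`Request` classes, `admin.php?do=` and the `csrf_token` field name are all assumptions) and shows the synchronizer-token check that would block the attack: every state-changing request must be a POST carrying a per-session random token, compared in constant time, with the `Origin` header as a second line of defence.

```python
"""Synchronizer-token CSRF check for state-changing admin actions.

Added example, not code from the Chipmunk Newsletter project. The action
names mirror the advisory; the handler bodies are constructed stand-ins
that only record which action ran, so the check itself can be exercised.
"""
import hmac
import secrets
from dataclasses import dataclass, field
from typing import Optional

# Admin actions from the advisory that change server state (assumed names).
STATE_CHANGING_ACTIONS = {"delete_list", "clear_queue", "send_letter", "delete_email"}


@dataclass
class Session:
    """Server-side session state. The token is generated once per session and
    is never derivable from the cookie alone, so a foreign page cannot know it."""
    csrf_token: str = field(default_factory=lambda: secrets.token_urlsafe(32))
    audit: list = field(default_factory=list)   # actions that actually executed


@dataclass
class Request:
    """Minimal model of an inbound admin request (constructed for the example)."""
    method: str
    action: str
    form: dict
    origin: Optional[str] = None   # value of the Origin header, if the browser sent one


def csrf_check(session: Session, request: Request, allowed_origin: str):
    """Return (ok, reason). Rejects every request shape a cross-site page can produce."""
    if request.action not in STATE_CHANGING_ACTIONS:
        return True, "read-only"
    if request.method != "POST":
        # A GET that changes state is exploitable with a single <img src="..."> tag.
        return False, "state change via " + request.method
    token = request.form.get("csrf_token", "")
    # Constant-time comparison so the token cannot be recovered byte by byte.
    if not hmac.compare_digest(token, session.csrf_token):
        return False, "missing or wrong csrf token"
    # Defence in depth: browsers attach Origin to cross-site POSTs; if it is
    # present and not ours, refuse even a request with a valid-looking token.
    if request.origin is not None and request.origin != allowed_origin:
        return False, "foreign origin " + request.origin
    return True, "ok"


def handle(session: Session, request: Request,
           allowed_origin: str = "https://newsletter.example.test"):
    """Dispatch an admin request through the CSRF check; returns (ok, reason)."""
    ok, reason = csrf_check(session, request, allowed_origin)
    if ok and request.action in STATE_CHANGING_ACTIONS:
        session.audit.append(request.action)   # stand-in for the real action
    return ok, reason


def admin_form_html(session: Session, action: str) -> str:
    """The hidden field the legitimate admin form must carry (assumed markup)."""
    return (f'<form method="post" action="admin.php?do={action}">'
            f'<input type="hidden" name="csrf_token" value="{session.csrf_token}">'
            f'<input type="submit" value="Go"></form>')


if __name__ == "__main__":
    s = Session()
    forged = Request("POST", "send_letter", {})                 # what a foreign page can send
    legit = Request("POST", "send_letter", {"csrf_token": s.csrf_token})
    print("forged:", handle(s, forged))
    print("legit: ", handle(s, legit))
    print("executed:", s.audit)
```

The token must be bound to the server-side session and regenerated on login; putting it only in a cookie (where the browser will happily attach it to a cross-site request) would defeat the purpose. The `Origin` check is secondary because older clients may omit the header, which is why a missing header is tolerated but a wrong one is not.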