[-------------------------------------------------------------------------------------------------]
[ Title: Chipmunk Newsletter CSRF Vulnerabilities ]
[ Author: Milos Zivanovic ]
[ Date: 11. December 2009. ]
[-------------------------------------------------------------------------------------------------]

[-------------------------------------------------------------------------------------------------]
[ Application: Chipmunk Newsletter ]
[ Version: the only one there is ]
[ Download: http://www.chipmunk-scripts.com/newsletter/newsletter.zip ]
[ Vulnerability: Cross Site Request Forgery ]
[-------------------------------------------------------------------------------------------------]

I noticed that someone else had already published an XSS exploit for this script, so I looked at it a little more closely and found several CSRF vulnerabilities in the admin panel. None of the state-changing admin actions below carries an anti-CSRF token, so any page an administrator visits while logged in can make the administrator's browser perform them.

[#]Content
|--CSRF Delete Email List (also removes every address subscribed to that list)
|--CSRF Clear Queue (Set all send to zero?)
|--CSRF Send letter (mass-mails every address in the database)
|--CSRF Delete Email by ID

[-]CSRF Delete Email List (also removes every address subscribed to that list)
[EXPLOIT------------------------------------------------------------------------------------------]
[EXPLOIT------------------------------------------------------------------------------------------]

[-]CSRF Clear Queue (Set all send to zero?)
[EXPLOIT------------------------------------------------------------------------------------------]
[EXPLOIT------------------------------------------------------------------------------------------]

[-]CSRF Send letter (mass-mails every address in the database)
[EXPLOIT------------------------------------------------------------------------------------------]
[EXPLOIT------------------------------------------------------------------------------------------]

[-]CSRF Delete Email by ID
[POC----------------------------------------------------------------------------------------------]
http://localhost/newsletter/admin/deleteadd.php?ID=[ID]
[POC----------------------------------------------------------------------------------------------]

[-------------------------------------------------------------------------------------------------]
[ EOF ]
[-------------------------------------------------------------------------------------------------]
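The Delete Email by ID PoC is a plain GET that changes state on the strength of the admin's session cookie alone, which is the whole CSRF problem: an `<img>` tag on any page the administrator visits is enough to fire it. The following is an added example, written for this page and not Chipmunk Newsletter's own code, that models in Python the checks an endpoint such as deleteadd.php would need in order to stop the PoC and its POST-based variants: refuse GET for state changes, check Origin/Referer when present, and require a per-session synchronizer token compared in constant time. The Request and Session shapes, the `http://localhost` origin (taken from the PoC URL), the attacker origin `http://attacker.example` and the email table are assumptions made for illustration; the real fix would be applied in the script's PHP.

```python
"""Added example (not Chipmunk Newsletter's own code): a model of the CSRF
defences an admin action such as deleteadd.php?ID=... would need.
Assumed for illustration: the Request/Session shapes, the site origin
(taken from the PoC host), the attacker origin and the email table.
"""
import hmac
import secrets
from dataclasses import dataclass, field
from urllib.parse import urlsplit

# Assumed deployment origin, taken from the PoC URL in the advisory.
SITE_ORIGIN = "http://localhost"
DELETE_PATH = "/newsletter/admin/deleteadd.php"


@dataclass
class Request:
    """Minimal HTTP request model (assumed shape, not a real framework)."""
    method: str
    path: str
    headers: dict = field(default_factory=dict)
    form: dict = field(default_factory=dict)
    query: dict = field(default_factory=dict)


@dataclass
class Session:
    """Admin session. The token is generated once per login, kept
    server-side, and embedded by the UI in every state-changing form."""
    authenticated: bool = True
    csrf_token: str = field(default_factory=lambda: secrets.token_hex(32))


def same_origin(value):
    """True if an Origin/Referer header value points at our own origin
    (an Origin of 'null' or a foreign host both fail this test)."""
    parts = urlsplit(value)
    return f"{parts.scheme}://{parts.netloc}" == SITE_ORIGIN


def csrf_check(req, session):
    """Return (ok, reason). Three independent layers:
    1. Only POST may change state: the PoC works because a GET can be
       fired from <img src=...> on any page the admin visits.
    2. If Origin (or, failing that, Referer) is present it must be ours;
       browsers send Origin on cross-site POST, so a forged form
       submission is rejected here even before the token is looked at.
    3. A synchronizer token bound to the session, compared in constant
       time so response timing leaks nothing about the correct value.
    """
    if req.method != "POST":
        return False, "state change must use POST"
    source = req.headers.get("Origin") or req.headers.get("Referer")
    if source and not same_origin(source):
        return False, "cross-origin request"
    token = req.form.get("csrf_token", "")
    if not hmac.compare_digest(token.encode(), session.csrf_token.encode()):
        return False, "missing or invalid CSRF token"
    return True, "ok"


def handle_delete(req, session, emails):
    """Model of deleteadd.php with the checks added.
    `emails` maps numeric ID -> address; returns (status, reason, emails)."""
    if not session.authenticated:
        return 401, "login required", emails
    ok, reason = csrf_check(req, session)
    if not ok:
        return 403, reason, emails
    try:
        email_id = int(req.form.get("ID", ""))
    except ValueError:
        return 400, "bad ID", emails
    if email_id not in emails:
        return 404, "no such ID", emails
    remaining = {k: v for k, v in emails.items() if k != email_id}
    return 200, f"deleted {email_id}", remaining


def demo():
    """Run the advisory's PoC and two variants against the hardened handler.
    Returns the list of (status, reason) and the surviving email table."""
    session = Session()
    emails = {1: "a@example.com", 2: "b@example.com"}  # constructed sample data

    # The PoC as published: GET deleteadd.php?ID=1, e.g. via <img src=...>
    # on the attacker's page while the admin is logged in.
    forged_get = Request("GET", DELETE_PATH,
                         headers={"Referer": "http://attacker.example/evil.html"},
                         query={"ID": "1"})
    # Upgraded attack: auto-submitted cross-site POST form, no token.
    forged_post = Request("POST", DELETE_PATH,
                          headers={"Origin": "http://attacker.example"},
                          form={"ID": "1"})
    # Legitimate delete from the admin UI carrying the session's token.
    legit = Request("POST", DELETE_PATH,
                    headers={"Origin": SITE_ORIGIN},
                    form={"ID": "1", "csrf_token": session.csrf_token})

    outcomes = []
    for req in (forged_get, forged_post, legit):
        status, reason, emails = handle_delete(req, session, emails)
        outcomes.append((status, reason))
    return outcomes, emails


if __name__ == "__main__":
    for outcome in demo()[0]:
        print(outcome)
```

Running `demo()` rejects the published GET PoC on the method check, rejects the forged cross-site POST on the Origin check, and lets only the token-bearing request from the admin UI delete the record. The Origin/Referer layer is defence in depth, not a substitute for the token: both headers can legitimately be absent, so the token check is the one that must never be skipped.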