From:david.kurz_(at)_majorsecurity.net <david.kurz_(at)_majorsecurity.net>
Date:14.06.2010
Subject:[MajorSecurity SA-070]Plume CMS - change Admin Password via Cross-site Request Forgery

[MajorSecurity SA-070]Plume CMS - change Admin Password via Cross-site Request Forgery

Details
=======
Product: Plume CMS
Security-Risk: high
Remote-Exploit: yes
Vendor-URL: http://www.plume-cms.net/
Advisory-Status: published

Credits
============
Discovered by: David Vieira-Kurz
http://www.majorsecurity.info/penetrationstest.php

Affected Products:
----------------------------
Plume CMS 1.2.4
Prior versions may also be vulnerable

Introduction
============
"Plume CMS is a web-based content management system."

More Details
============
We at MajorSecurity have discovered a vulnerability in Plume CMS which can be exploited
by malicious people to conduct cross-site request forgery attacks.
The application performs certain actions in response to HTTP requests without checking
that those requests were actually issued from its own pages. This can be exploited to
change the administrator's password by tricking a logged-in administrator into visiting a
malicious web site.

Solution
================
The web application should verify that a request originates from its own pages before
performing state-changing actions (such as a password change) in response to it.
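To make the solution concrete, here is an added illustration (not Plume CMS code, and not part of the original advisory) of the check the advisory asks for. It models the password-change handler in a few lines of Python with constructed, in-memory sessions and a dict-based request object; the vulnerable handler honours any request that carries the victim's session cookie, while the hardened handler additionally requires a per-session anti-CSRF token and rejects a mismatching Origin header. The session store, user table, origins and request shapes are all assumptions made for the example.

```python
import hmac
import secrets

# Constructed in-memory stores standing in for the CMS's own session and user tables.
SESSIONS = {}                       # session id -> {"user": ..., "csrf": ...}
USERS = {"admin": "old-password"}   # constructed sample account

SITE_ORIGIN = "https://cms.example"   # assumed origin the application is served from


def login(user):
    """Create a session for `user` and mint an unpredictable per-session CSRF token."""
    sid = secrets.token_urlsafe(16)
    SESSIONS[sid] = {"user": user, "csrf": secrets.token_urlsafe(32)}
    return sid


def csrf_token(sid):
    """Token the application embeds as a hidden field in its own password form."""
    return SESSIONS[sid]["csrf"]


def change_password_vulnerable(request):
    """'Before': any request with a valid session cookie is honoured.

    The browser attaches the cookie automatically, so a form posted from a third-party
    page succeeds just like one posted from the admin panel."""
    sess = SESSIONS.get(request["cookies"].get("sid"))
    if sess is None:
        return 401
    USERS[sess["user"]] = request["form"]["new_password"]
    return 200


def change_password_hardened(request):
    """'After': demand proof that the request came from the application's own page."""
    sess = SESSIONS.get(request["cookies"].get("sid"))
    if sess is None:
        return 401
    # Check 1: browsers set Origin on cross-site POSTs and a third-party page cannot
    # alter it, so a foreign origin is rejected outright.
    origin = request["headers"].get("Origin")
    if origin is not None and origin != SITE_ORIGIN:
        return 403
    # Check 2: synchroniser token. A third-party page cannot read the victim's token,
    # so it cannot include it in a forged form. Compared in constant time.
    submitted = request["form"].get("csrf_token", "")
    if not hmac.compare_digest(submitted, sess["csrf"]):
        return 403
    USERS[sess["user"]] = request["form"]["new_password"]
    return 200


def forged_request(sid, origin="https://attacker.example"):
    """Constructed: what a third-party page can make the victim's browser send.

    The session cookie is attached by the browser; the CSRF token is not known to the
    third party and is therefore absent. `origin=None` models a client that sends no
    Origin header, so only the token check stands between the request and the action."""
    headers = {} if origin is None else {"Origin": origin}
    return {
        "cookies": {"sid": sid},
        "headers": headers,
        "form": {"new_password": "attacker-chosen"},
    }


def legitimate_request(sid):
    """Constructed: the same form submitted from the CMS's own admin page."""
    return {
        "cookies": {"sid": sid},
        "headers": {"Origin": SITE_ORIGIN},
        "form": {"new_password": "new-secret", "csrf_token": csrf_token(sid)},
    }


def demo():
    """Run both handlers and report (status, resulting password) for each case."""
    USERS["admin"] = "old-password"
    sid = login("admin")
    vuln = change_password_vulnerable(forged_request(sid))
    vuln_pw = USERS["admin"]
    USERS["admin"] = "old-password"
    hard = change_password_hardened(forged_request(sid))
    hard_pw = USERS["admin"]
    legit = change_password_hardened(legitimate_request(sid))
    return vuln, vuln_pw, hard, hard_pw, legit, USERS["admin"]


if __name__ == "__main__":
    print(demo())
```

The token is only a defence if it is unpredictable and bound to the session; a value an attacker could guess, or one shared across all users, would pass `compare_digest` and defeat the purpose. The Origin check on its own is weaker (older clients may omit the header, which is why the code falls through to the token rather than accepting a missing Origin).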

Workaround
================
Do not browse untrusted sites or follow untrusted links while logged in to the
application.

MajorSecurity
================
MajorSecurity is a German penetration testing and security research company which focuses
on web application security. We offer professional penetration tests, security audits and
source code reviews.
