SocialCMS CSRF "0day" Vulnerability

Posted on venerdì 17 febbraio 2012 by Ivano Binetti

Yestarday I found a "0day" vulnerability into latest version (1.0.2) of "Socialcms" cms (socialcms.com) and created an exploit in order to add an  Administrator account. The vulnerability and related exploit  have been published into Offensive Security Exploit Database. You can find more details here:

http://www.exploit-db.com/author/?a=3557

Other web site have published this "oday" vulnerability:

http://www.allinfosec.com/2012/02/16/webapps-0day-socialcms-csrf-vulnerability
http://www.1337day.com/exploits/17527
http://www.realhacker.net/tag/webapps
http://94hi.com/exploit/html/3244.html



0 Responses to "SocialCMS CSRF "0day" Vulnerability":