105 matches found
ChemCMS Cross-Site Request Forgery Vulnerability
ChemCMS is a chemical-based web content management system CMS based on PHP and MySQL. A cross-site request forgery vulnerability exists in ChemCMS version 1.0.6. A remote attacker can exploit this vulnerability to add an administrator account via the public/admin/user/addpost.html page...
Cross site request forgery (csrf)
BEESCMS 4.0 has a CSRF vulnerability to add an administrator account via the admin/adminadmin.php?nav=listadminuser&adminpnav=user URI...
YzmCMS Cross-Site Request Forgery Vulnerability (CNVD-2018-08781)
YzmCMS is an open source CMS Content Management System developed by Chinese programmer Yuan Zhimeng. A cross-site request forgery vulnerability exists in YzmCMS version 3.8. A remote attacker can add an administrator account with the help of the /index.php/admin/adminmanage/add.html page to explo...
TuziCMS Cross-Site Request Forgery Vulnerability
TuziCMS is an enterprise web content management system CMS based on PHP and MySQL. A cross-site request forgery vulnerability exists in TuziCMS version 2.0.6. A remote attacker can exploit the vulnerability to add an administrator account...
XYHCMS Cross-Site Request Forgery Vulnerability
XYHCMS is an open source content management system CMS. A cross-site request forgery vulnerability exists in XYHCMS version 3.5. A remote attacker can exploit this vulnerability by sending an index.php?g=Manage&m=Rbac&a=addUser request to add an administrator account...
CSRF Vulnerability in Ocean CMS V6.48 Add Administrator Backend
Ocean Movie System aka Ocean CMS seacms is a PHP movie system. Ocean CMS V6.48 CSRF vulnerability exists in the background add administrator. Allows attackers to exploit the vulnerability to forge form links and induce administrators to click to add background accounts...
CSRF Cross-site Request Forgery Vulnerability at Add Administrator of Rice Shell Enterprise Website Builder 2016 Official Version
Rice Shell Enterprise Building System is an enterprise building and content management system. CSRF cross-site request forgery vulnerability exists in Rice Shell Enterprise Website Builder System 2016 Official VersionAdd Administrator. As the packet of the add administrator operation is not token...
Cross site request forgery (csrf)
Cross-site request forgery CSRF vulnerability in SecuritySetting/UserSecurity/UserManagement.aspx in B.A.S C2Box before 4.0.0 r19171 allows remote attackers to hijack the authentication of administrators for requests that add administrator accounts via certain vectors...
win32/7 x86 ultimate Add Admin ALI/ALI & Enable RDP Obfuscated Shellcode - 1218 bytes
Title: Obfuscated Shellcode Windows x86 1218 Bytes Add Administrator User/Pass ALI/ALI & Add ALI to RDP Group & Enable RDP From Registery & STOP Firewall & Auto Start terminal service length: 1218 bytes Date: 13 January 2015 Author: Ali Razmjoo tested On: Windows 7 x86 ultimate WinExec = 0x7666e6...
win32/7 x64 ultimate Add Admin ALI/ALI & Enable RDP Obfuscated Shellcode - 1218 bytes
Title: Obfuscated Shellcode Windows x64 1218 Bytes Add Administrator User/Pass ALI/ALI & Add ALI to RDP Group & Enable RDP From Registery & STOP Firewall & Auto Start terminal service length: 1218 bytes Date: 13 January 2015 Author: Ali Razmjoo tested On: Windows 7 x64 ultimate WinExec = 0x769e2c...
Obfuscated Shellcode Windows x86 - 1218 Bytes Add Administrator User/Pass ALI/ALI & Add ALI To RDP Group & Enable RDP From Registry & STOP Firewall & Auto Start Terminal Service
Obfuscated Shellcode Windows x86 - 1218 Bytes Add Administrator User/Pass ALI/ALI & Add ALI To RDP Group & Enable RDP From Registry & STOP Fire... Author: Ali Razmjoo Title: Obfuscated Shellcode Windows x86 1218 Bytes Add Administrator User/Pass ALI/ALI & Add ALI to RDP Group & Enable RDP From...
DomPHP <= 0.81 Remote Add Administrator Exploit
No description provided by source. ?php / DomPHP = 0.81 Remote Add Administrator Exploit c0ded by j0j0 dork: Site créé à l'aide du CMS DomPHP Exploit work with CURL / errorreporting0; iniset'maxexecutiontime', 0; iniset'defaultsockettimeout', 5; obimplicitflushtrue; function quickdump$string...
TaskTracker <= 1.5 (Customize.asp) Remote Add Administrator Exploit
No description provided by source. !-- Title : TaskTracker All Version Remote Add Admin Exploit Author : ajann Contact : : S.Page : http://www.geckovich.com $$ : $39.99 - $19.99 -- FORM NAME=AddUser METHOD=POST ACTION=http://target/path/Customize.asp?a=Add style=word-spacing: 0; margin-top: 0;...
WebfolioCMS <= 1.1.4 CSRF (Add Admin/Modify Pages)
No description provided by source. +--------------------------------------------------------------------------------------------------------------------------------+ Exploit Title : WebfolioCMS = 1.1.4 CSRF Add Admin/Modify Pages Date : 28-02-2012 Author : Ivano Binetti http://ivanobinetti.com...
Croogo 1.2.1 - Multiple CSRF Vulnerabilities
No description provided by source. ----------------------------------------------------------------------------------------------- Title: Croogo 1.2.1 Multiple CSRF Vulnerabilities Author: Milos Zivanovic Email: milosz.securityatgmaildotcom Date: 07. February 2010...
CVE-2012-1416
Multiple cross-site request forgery CSRF vulnerabilities in SocialCMS 1.0.2 allow remote attackers to hijack the authentication of administrators for requests that 1 add administrator accounts via a membernew action to myadmin/admin1members.php or 2 modify the default site title via a save action...
WebPA 1.1.0.1 File Upload / Add Administrator
:::::::-. ... ::::::. :::. ;;, ';, ;; ;;;;;;;, ;;; ' . ' $$, $$$$ $$$ $$$ "Y$c$$ 888,o8P'88 .d888 888 Y88 MMMMP" "YmmMMMM"" MMM YM Discovered by dun \ posdubatgmail.com 2012-08-23 WebPA fail'; fputs$fp, $headers; return $fp; function httprecv$fp $ret=""; while !feof$fp $ret.= fgets$fp, 1024;...
X7 Chat 2.0.5.1 and below version CSRF add Administrator the defect and repair-vulnerability warning-the black bar safety net
Title: X7 Chat 2.0.5.1 CSRF Add Admin Exploit Key words: intitle:"Chat Room" "Powered By X7 Chat 2.0.5" Author: DennSpec download address: http://x7chat.com/releases/v2/x7chat2051.zip Affected versions: = 2.0.5.1 First register for a username frame.html in the path of your main html page html bod...
NetworX CMS-CSRF flaws add administrator accounts-vulnerability warning-the black bar safety net
Title: NetworX CMS - CSRF Add Admin Author: N3t. Crack3r Program address: http://www.socialabc.com/downloads/networx-social/ Affect all versions Test System Platform: Ubuntu Demo Station: http://www.socialabc.com/demo/ !--...
Simple PHP Agenda 2.2.8 - Cross-Site Request Forgery (Add Admin Add Event)
Simple PHP Agenda 2.2.8 - Cross-Site Request Forgery Add Admin Add Event +--------------------------------------------------------------------------------------------------------------------------------+ Exploit Title : Simple PHP Agenda = 2.2.8 CSRF Add Admin - Add Event Date : 29-03-2012 Author...