Lucene search
K

12 matches found

CVE
CVE
added 2019/03/07 10:0 p.m.44 views

CVE-2018-17429

CVE-2018-17429 refers to a CSRF vulnerability in JTBC v3.0(C) where requests to /console/account/manage.php?type=action&action=add can be forged to add an administrator account. A remote attacker can exploit this CSRF to elevate privileges by creating a new admin account. The reports in CNVD/othe...

8.8CVSS8.6AI score0.00614EPSS
Exploits1References1Affected Software1
Exploit DB
Exploit DB
added 2019/01/14 12:0 a.m.129 views

Hucart CMS 5.7.4 - Cross-Site Request Forgery (Add Administrator Account)

function posturl,fields var p = document.createElement"form"; p.action = url; p.innerHTML = fields; p.target = "self"; p.method = "post"; document.body.appendChildp; p.submit; function csrfhack var fields; fields += ""; fields += ""; fields += ""; fields += ""; fields += ""; fields += ""; fields ...

8.8CVSS8.8AI score0.02979EPSS
Exploits5
exploitpack
exploitpack
added 2019/01/14 12:0 a.m.50 views

Hucart CMS 5.7.4 - Cross-Site Request Forgery (Add Administrator Account)

Hucart CMS 5.7.4 - Cross-Site Request Forgery Add Administrator Account function posturl,fields var p = document.createElement"form"; p.action = url; p.innerHTML = fields; p.target = "self"; p.method = "post"; document.body.appendChildp; p.submit; function csrfhack var fields; fields += ""; field...

6.8CVSS0.6AI score0.02979EPSS
Exploits5
Prion
Prion
added 2018/09/23 6:29 p.m.19 views

Cross site request forgery (csrf)

An issue was discovered in MCMS 4.6.5. There is a CSRF vulnerability that can add an administrator account via ms/basic/manager/save.do...

6.8CVSS8.6AI score0.00572EPSS
Exploits0References1Affected Software1
CNVD
CNVD
added 2018/08/27 12:0 a.m.4 views

Flexo CMS Cross-Site Request Forgery Vulnerability

Flexo CMS is an open source content management system CMS based on PHP and MySQL. A cross-site request forgery vulnerability exists in Flexo CMS version 0.1.6. An attacker can exploit this vulnerability to add an administrator account with the help of the /admin/user/add page...

8.8CVSS8.8AI score0.00588EPSS
Exploits0References1
Prion
Prion
added 2018/04/22 1:29 a.m.14 views

Cross site request forgery (csrf)

BEESCMS 4.0 has a CSRF vulnerability to add an administrator account via the admin/adminadmin.php?nav=listadminuser&adminpnav=user URI...

6.8CVSS8.6AI score0.006EPSS
Exploits0References1Affected Software1
0day.today
0day.today
added 2011/05/03 12:0 a.m.18 views

Exponent CMS 2.0 Beta 1.1 CSRF Add Administrator Account PoC

Exploit for php platform in category web applications Exponent CMS 2.0 Beta 1.1 CSRF Add Administrator Account PoC by outlaw.dll body, table, tr, td background-color: 00489C; font-family: Verdana; font-size: 16px; color: FFFFFF; .-""""-. .-""""-. / \ / \ / \ / \ // \ / \ // \ / \ |\ //| |\ //|...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2011/05/02 12:0 a.m.16 views

Exponent CMS 2.0 Beta 1.1 - Cross-Site Request Forgery (Add Administrator Account)

Exponent CMS 2.0 Beta 1.1 - Cross-Site Request Forgery Add Administrator Account Exponent CMS 2.0 Beta 1.1 CSRF Add Administrator Account PoC by outlaw.dll body, table, tr, td background-color: 00489C; font-family: Verdana; font-size: 16px; color: FFFFFF; .-""""-. .-""""-. / \ / \ / \ / \ // \ / ...

0.4AI score
Exploits0
Exploit DB
Exploit DB
added 2011/05/02 12:0 a.m.24 views

Exponent CMS 2.0 Beta 1.1 - Cross-Site Request Forgery (Add Administrator Account)

Exponent CMS 2.0 Beta 1.1 CSRF Add Administrator Account PoC by outlaw.dll body, table, tr, td background-color: 00489C; font-family: Verdana; font-size: 16px; color: FFFFFF; .-""""-. .-""""-. / \ / \ / \ / \ // \ / \ // \ / \ |\ //| |\ //| \ || / \ || / \ / \ / \ / \ / .-""""-. '..'.-""""-...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2011/05/01 12:0 a.m.27 views

Exponent CMS 2.0 Beta 1.1 Cross Site Request Forgery

Exponent CMS 2.0 Beta 1.1 CSRF Add Administrator Account PoC by outlaw.dll body, table, tr, td background-color: 00489C; font-family: Verdana; font-size: 16px; color: FFFFFF; .-""""-. .-""""-. / \ / \ / \ / \ // \ / \ // \ / \ |\ //| |\ //| \ || / \ || / \ / \ / \ / \ / .-""""-. '..'.-""""-...

0.4AI score
Exploits0
exploitpack
exploitpack
added 2009/12/14 12:0 a.m.16 views

Link Up Gold - Cross-Site Request Forgery (Add Admin)

Link Up Gold - Cross-Site Request Forgery Add Admin /\ == \ /\ \ /\ \ \ \ input type="hi...

0.6AI score
Exploits0
seebug.org
seebug.org
added 2009/06/30 12:0 a.m.11 views

Messages Library 2.0 Arbitrary Administrator Account Vulnerability

No description provided by source. head titleThE g0bL!N Messages Library 2.0 Remote Add Admintsrator Account /title base target="left" link rel="stylesheet" href="style.css" /head form method="POST" action="http://path/sms/admin/mod.php?Action=Add" table border="0" cellpadding="0" cellspacing="0"...

7.1AI score
Exploits0
Rows per page
Query Builder