12 matches found
CVE-2018-17429
CVE-2018-17429 refers to a CSRF vulnerability in JTBC v3.0(C) where requests to /console/account/manage.php?type=action&action=add can be forged to add an administrator account. A remote attacker can exploit this CSRF to elevate privileges by creating a new admin account. The reports in CNVD/othe...
Hucart CMS 5.7.4 - Cross-Site Request Forgery (Add Administrator Account)
function posturl,fields var p = document.createElement"form"; p.action = url; p.innerHTML = fields; p.target = "self"; p.method = "post"; document.body.appendChildp; p.submit; function csrfhack var fields; fields += ""; fields += ""; fields += ""; fields += ""; fields += ""; fields += ""; fields ...
Hucart CMS 5.7.4 - Cross-Site Request Forgery (Add Administrator Account)
Hucart CMS 5.7.4 - Cross-Site Request Forgery Add Administrator Account function posturl,fields var p = document.createElement"form"; p.action = url; p.innerHTML = fields; p.target = "self"; p.method = "post"; document.body.appendChildp; p.submit; function csrfhack var fields; fields += ""; field...
Cross site request forgery (csrf)
An issue was discovered in MCMS 4.6.5. There is a CSRF vulnerability that can add an administrator account via ms/basic/manager/save.do...
Flexo CMS Cross-Site Request Forgery Vulnerability
Flexo CMS is an open source content management system CMS based on PHP and MySQL. A cross-site request forgery vulnerability exists in Flexo CMS version 0.1.6. An attacker can exploit this vulnerability to add an administrator account with the help of the /admin/user/add page...
Cross site request forgery (csrf)
BEESCMS 4.0 has a CSRF vulnerability to add an administrator account via the admin/adminadmin.php?nav=listadminuser&adminpnav=user URI...
Exponent CMS 2.0 Beta 1.1 CSRF Add Administrator Account PoC
Exploit for php platform in category web applications Exponent CMS 2.0 Beta 1.1 CSRF Add Administrator Account PoC by outlaw.dll body, table, tr, td background-color: 00489C; font-family: Verdana; font-size: 16px; color: FFFFFF; .-""""-. .-""""-. / \ / \ / \ / \ // \ / \ // \ / \ |\ //| |\ //|...
Exponent CMS 2.0 Beta 1.1 - Cross-Site Request Forgery (Add Administrator Account)
Exponent CMS 2.0 Beta 1.1 - Cross-Site Request Forgery Add Administrator Account Exponent CMS 2.0 Beta 1.1 CSRF Add Administrator Account PoC by outlaw.dll body, table, tr, td background-color: 00489C; font-family: Verdana; font-size: 16px; color: FFFFFF; .-""""-. .-""""-. / \ / \ / \ / \ // \ / ...
Exponent CMS 2.0 Beta 1.1 - Cross-Site Request Forgery (Add Administrator Account)
Exponent CMS 2.0 Beta 1.1 CSRF Add Administrator Account PoC by outlaw.dll body, table, tr, td background-color: 00489C; font-family: Verdana; font-size: 16px; color: FFFFFF; .-""""-. .-""""-. / \ / \ / \ / \ // \ / \ // \ / \ |\ //| |\ //| \ || / \ || / \ / \ / \ / \ / .-""""-. '..'.-""""-...
Exponent CMS 2.0 Beta 1.1 Cross Site Request Forgery
Exponent CMS 2.0 Beta 1.1 CSRF Add Administrator Account PoC by outlaw.dll body, table, tr, td background-color: 00489C; font-family: Verdana; font-size: 16px; color: FFFFFF; .-""""-. .-""""-. / \ / \ / \ / \ // \ / \ // \ / \ |\ //| |\ //| \ || / \ || / \ / \ / \ / \ / .-""""-. '..'.-""""-...
Link Up Gold - Cross-Site Request Forgery (Add Admin)
Link Up Gold - Cross-Site Request Forgery Add Admin /\ == \ /\ \ /\ \ \ \ input type="hi...
Messages Library 2.0 Arbitrary Administrator Account Vulnerability
No description provided by source. head titleThE g0bL!N Messages Library 2.0 Remote Add Admintsrator Account /title base target="left" link rel="stylesheet" href="style.css" /head form method="POST" action="http://path/sms/admin/mod.php?Action=Add" table border="0" cellpadding="0" cellspacing="0"...