CVE-2020-37046

Sistem Informasi Pengumuman Kelulusan Online 1.0 contains a cross-site request forgery vulnerability that allows attackers to add unauthorized admin users through the tambahuser.php endpoint. Attackers can craft a malicious HTML form to submit admin credentials and create new administrative...

CVE-2023-43147

PHPJabbers Limo Booking Software 1.0 is vulnerable to Cross Site Request Forgery CSRF to add an admin user via the Add Users Function, aka an index.php?controller=pjAdminUsers=pjActionCreate URI...

Exploit for Improper Authentication in Automattic Woocommerce_Payments

CVE-2023-28121 WooCommerce Payments - For installing requirem...

SuperMicro IPMI 03.40 Cross Site Request Forgery

Exploit Title: SuperMicro IPMI 03.40 - Cross-Site Request Forgery Add Admin Exploit Author: Metin Yunus Kandemir Vendor Homepage: https://www.supermicro.com/ Software Link: https://www.supermicro.com/en/solutions/management-software/bmc-resources Version: X10DRH-iT motherboards with BIOS 2.0a and...

P5 FNIP-8x16A/FNIP-4xSH CSRF / Cross Site Scripting

!-- C...

74CMS 5.0.1 - Cross-Site Request Forgery (Add New Admin User) Exploit

Exploit for php platform in category web applications Exploit Title: 74CMS v5.0.1 has a CSRF vulnerability to add a new admin user Exploit Author: ax8 Vendor Homepage: https://github.com/Li-Siyuan Software Link: http://www.74cms.com/download/index.html Version: v5.0.1 CVE : CVE-2019-11374 74CMS...

Cross site request forgery (csrf)

MKCMS V5.0 has a CSRF vulnerability to add a new admin user via the ucenter/userinfo.php URI...

CVE-2019-11077

FastAdmin V1.0.0.20190111beta has a CSRF vulnerability to add a new admin user via the admin/auth/admin/add?dialog=1 URI...

PHP-SHOP Master 1.0 Cross Site Request Forgery

Exploit Title: PHP-SHOP master 1.0 - Cross-Site Request Forgery Add admin Exploit Author : Alireza Norkazemi Date: 2018-10-15 Vendor Homepage : https://github.com/joeyrush/PHP-SHOP Software link: https://github.com/joeyrush/PHP-SHOP/archive/master.zip Version: 1.0 Tested on: Windows 10 CVE: N/A...

Drupal 7.0 7.31 - Drupalgeddon SQL Injection (Add Admin User)

Drupal 7.0 7.31 - Drupalgeddon SQL Injection Add Admin User !/usr/bin/python Drupal 7.x SQL Injection SA-CORE-2014-005 https://www.drupal.org/SA-CORE-2014-005 Inspired by yukyuk's P.o.C https://www.reddit.com/user/fyukyuk Tested on Drupal 7.31 with BackBox 3.x This material is intended for...

win32 / windows 7 Add Admin User Shellcode - 194 bytes

Title: Add Admin User Shellcode 194 bytes - Any Windows Version Release date: 21/06/2014 Author: Giuseppe D'Amore http://it.linkedin.com/pub/giuseppe-d-amore/69/37/66b Size: 194 byte NULL free Tested on: Win8,Win7,WinVista,WinXP,Win2kPro,Win2k8,Win2k8R2,Win2k3 Username: BroK3n Password: BroK3n Ad...

Anantasoft Gazelle CMS CSRF Vulnerability

No description provided by source. ======================================================================= Anantasoft Gazelle CMS CSRF Vulnerability ======================================================================= by Pratul Agrawal Vulnerability found in- Admin module email...

InverseFlow 2.4 - CSRF Vulnerabilities (Add Admin User)

No description provided by source. + Exploit Title: InverseFlow v2.4 CSRF Vulnerabilities Add Admin User + Version : 2.4 + Author : EjRaM HaCkEr + Contact : m2z9.cn + Dork : inurl:ticket.php?cmd=lost + Software Link : http://asria.info/download/script/inverseflow.zip...

IE wshom.ocx (Run) ActiveX Remote Code Execution (add admin user)

No description provided by source. Exploit Title: IE wshom.ocx Run ActiveX Remote Code Execution add admin user Date: 22/01/2010 Author: Stack Version: ALL Tested on: winsp2 html /font/b/p p object classid='clsid:72C24DD5-D70A-438B-8A42-98424B88AFB8' id='target' /object script language='vbscript'...

havalite 1.0 <= CSRF Add Admin user

Exploit for php platform in category web applications » havalite 1.0 » --- Date : 29- 03- 2012 » --- Author : Expl0!Ts » --- Software Link : http://havalite.com/downloads/havalite.zip » --- Version: 1.0 » --- Category: php » --- Tested on: wind xp & ubuntu 10.10 » --- Dork : your mind 1- First Vu...

Ad Manager Pro Cross Site Request Forgery

Exploit Title: Ad Manager Pro CSRF Vuln add admin Author: Jonturk75 Vendor of Software Link: http://www.scripts.com/viewscript/php-text-ad-management/20881/ Category:: webapps Demo site: http://www.scripts-demo.com/admanagerpro/administration/index.php...

InverseFlow 2.4 - Cross-Site Request Forgery (Add Admin)

Exploit Title: InverseFlow v2.4 CSRF Vulnerabilities Add Admin User + Version : 2.4 + Author : EjRaM HaCkEr + Contact : m2z9.cn + Dork : inurl:"ticket.php?cmd=lost" + Software Link : http://asria.info/download/script/inverseflow.zip...

InverseFlow v2.4 CSRF Vulnerabilities (Add Admin User)

Exploit for php platform in category web applications + Exploit Title: InverseFlow v2.4 CSRF Vulnerabilities Add Admin User + Version : 2.4 + Author : EjRaM HaCkEr + Contact : m2z9.cn + Dork : inurl:"ticket.php?cmd=lost" + Software Link : http://asria.info/download/script/inverseflow.zip...

phpwcms v1.4.7 XSRF Vulnerability (Add Admin User)

Exploit for php platform in category web applications + Exploit Title: phpwcms v1.4.7 XSRF VulnerabilityAdd Admin User + Author : ^Xecuti0n3r + E-mail : xecuti0n3ryahoo.com + Category : Web Apps XSRF + Dork : intext:"phpwcms Copyright" + Download Link :...

Quick CMS v3.0 Cross Site Request Forgery (Add Admin User)

Exploit for php platform in category web applications + Exploit Title: Quick CMS v3.0 Cross Site Request Forgery Add Admin User + Author : ^Xecuti0n3r + E-mail : xecuti0n3ryahoo.com + Category : Web Apps XSRF + Dork : intext:"Quick.Cms v3.0" inurl:admin.php + Demo CMS Link:...