dingfanzu 安全漏洞

dingfanzu is a php based takeaway ordering website by gk2007 individual developer. A security vulnerability exists in dingfanzu version V1.0, which originates from the /admin/doAdminAction.php?act=addAdmin component that contains a cross-site request forgery vulnerability...

Cross site request forgery (csrf)

School Management Software PHP/mySQL through 2019-03-14 allows officeadmin/?action=addadmin CSRF to add an administrative user...

AdManagerPro - Cross-Site Request Forgery (Add Admin)

AdManagerPro - Cross-Site Request Forgery Add Admin /\ == \ /\ \ /\ \ \ \ input type="...

ZeeCareers 2.0 - addAdminmembercode.php Arbitrary Add Admin

ZeeCareers 2.0 - addAdminmembercode.php Arbitrary Add Admin ZeeCareers v2.0 addadminmembercode.php Add Admin function validateform ifform.name.value == "" || !isNaNform.username.value alert"Please enter your name correctly."; form.username.focus; return false; ifform.name.value == "" ||...

JiRos Banner Experience 1.0 (Create Admin Bypass) Remote Exploit

Exploit for unknown platform in category web applications ================================================================ JiRos Banner Experience 1.0 Create Admin Bypass Remote Exploit ================================================================ Jiros Banner Experience Pro Unauthorized Admin...