CVE-2023-43278

A Cross-Site Request Forgery CSRF in adminmanager.php of Seacms up to v12.8 allows attackers to arbitrarily add an admin account...

CVE-2013-7473

Windu CMS 2.2 allows CSRF via admin/users/?mn=admin.message.error to add an admin account...

Cross site request forgery (csrf)

OECMS v4.3.R60321 and v4.3 later is affected by: Cross Site Request Forgery CSRF. The impact is: The victim clicks on adding an administrator account. The component is: admincp.php. The attack vector is: network connectivity. The fixed version is: v4.3...

CVE-2018-17429

/console/account/manage.php?type=action&action=add in JTBC v3.0C has CSRF for adding an administrator account...

Cross site request forgery (csrf)

An issue was discovered in HuCart v5.7.4. There is a CSRF vulnerability that can add an admin account via /adminsys/index.php?load=admins&act=editinfo&acttype=add...

CVE-2018-17366

An issue was discovered in MCMS 4.6.5. There is a CSRF vulnerability that can add an administrator account via ms/basic/manager/save.do...

CVE-2018-11671

An issue was discovered in GreenCMS v2.3.0603. There is a CSRF vulnerability that can add an admin account via index.php?m=admin&c=access&a=adduserhandle...

CVE-2018-11126

dg-user/?controller=users&action=add in doorGets 7.0 has CSRF that results in adding an administrator account...

CVE-2018-10295

ChemCMS v1.0.6 has CSRF by using public/admin/user/addpost.html to add an administrator account...

Simple Invoice 2011.1 Cross Site Request Forgery

Affected software: simple invoice Type of vulnerability:adding admin user via csrf URL:simpleinvoices.org Discovered by: provensec Website: provensec.com version:2011.1 Proof of concept...

Cross site request forgery (csrf)

Multiple cross-site request forgery CSRF vulnerabilities in Carbon Black before 4.1.0 allow remote attackers to hijack the authentication of administrators for requests that add new administrative users and have other unspecified action, as demonstrated by a request to api/user...

BigACE 2.7.8 - Cross-Site Request Forgery (Add Admin)

Exploit Title: Bigace CMS CSRF - Adding an admin account Date: 2013 29 July Exploit Author: Yashar shahinzadeh Credit goes for: ha.cker.ir Vendor Homepage: http://www.bigace.de/ Tested on: Linux & Windows, PHP 5.2.9 Affected Version : 2.7.8 Contacts: http://Twitter.com/YShahinzadeh ,...

Bigace CMS 2.7.8 Cross Site Request Forgery

Exploit Title: Bigace CMS CSRF - Adding an admin account Date: 2013 29 July Exploit Author: Yashar shahinzadeh Credit goes for: ha.cker.ir Vendor Homepage: http://www.bigace.de/ Tested on: Linux & Windows, PHP 5.2.9 Affected Version : 2.7.8 Contacts: http://Twitter.com/YShahinzadeh ,...

Quick CMS 3.0 Cross Site Request Forgery

================================ + Exploit Title: Quick CMS v3.0 Cross Site Request Forgery Add Admin User + Author : ^Xecuti0n3r + E-mail : xecuti0n3ryahoo.com + Category : Web Apps XSRF + Dork : intext:"Quick.Cms v3.0" inurl:admin.php + Demo CMS Link:...

CMS Made Simple 1.7 Cross Site Request Forgery

======================================================================= CMS Made Simple 1.7 CSRF Vulnerability ======================================================================= Vulnerability found in- Admin module email [email protected] company aksitservices Credit by Pratul Agrawal...

Libera CMS 1.12 - 'cookie' SQL Injection

!/usr/bin/perl ---------------------------------------------------------- Libera CMS agent"Mozilla/4.5 en Win95; U"; $https-timeout1; $https-defaultheader'Cookie' = "liberastaffpass=' or '1=1"; $request = $https-post$hostname."/admin.php?action=adduserprocess", username = $username, password =...