CVE-2022-26173

JForum v2.8.0 was discovered to contain a Cross-Site Request Forgery CSRF via http://targethost:port/jforum-2.8.0/jforum.page, which allows attackers to arbitrarily add admin accounts...

Cross site request forgery (csrf)

In BEESCMS 4.0, CSRF allows administrators to be added arbitrarily, a related issue to CVE-2018-10266...

BEESCMS 4.0 - Cross-Site Request Forgery (Add Admin) Vulnerability

Exploit for php platform in category web applications Exploit Title: A CSRF vulnerability exists in BEESCMSV4.0: The administrator can be added arbitrarily. Exploit Author: bay0net Vendor Homepage: https://www.cnblogs.com/v1vvwv/p/9226389.html Software Link: http://www.beescms.com/ Version: BEESC...

百为流控路由设计不当 可任意添加管理员

POST /goform/webForm HTTP/1.0 Referer: ...:2011/advance/adminuser.htm?v=20130320 Content-Type: application/x-www-form-urlencoded X-Requested-With: XMLHttpRequest Accept: / Accept-Language: zh-CN Proxy-Connection: Keep-Alive User-Agent: Mozilla/5.0 Windows NT 6.1; WOW64; Trident/7.0; rv:11.0 like...

AdaptCMS Lite 1.5 - Arbitrary Add Admin

=========================================================================== Topic : AdaptCMSLite1.5 2009-07-07 Bug type : change admin user,passwd & add new admin user exploit Download : http://sourceforge.net/projects/adaptcms/files/AdaptCMS%20Lite%20v1/1.5/AdaptCMSLite1.5.zip/download Advisory ...