Bosscms v2.0.0 a vulnerability, Cross-site request forgery(CSRF) #1

Open
5497lvren opened this issue Nov 2, 2022 · 0 comments
5497lvren commented Nov 2, 2022

Download link:
https://gitee.com/Greenpeas/BOSSCMS/repository/archive/V2.0202210100920.zip
version: v2.0.0
The issue is in the background -> User -> administrator list -> add
Save and discard the packet

Use CSRF PoC

Submit
The admin user was successfully added
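
A server-side check for the kind of request this issue describes (a POST that adds an administrator), as an added example that is not BossCMS code and not from the issue author. The function names, the `csrf_token` field and the `cms.example` origin are assumptions made for illustration.

```php
<?php
// Added example, not BossCMS code: function names, the csrf_token field
// and the cms.example origin are hypothetical.
declare(strict_types=1);

// Issue one random token per session; embed it as a hidden field in each admin form.
function csrf_issue(array &$session): string
{
    if (empty($session['csrf_token'])) {
        $session['csrf_token'] = bin2hex(random_bytes(32));
    }
    return $session['csrf_token'];
}

// Returns null when the request may proceed, otherwise the reason to reject it.
function csrf_reject_reason(array $server, array $post, array $session, string $siteOrigin): ?string
{
    if (($server['REQUEST_METHOD'] ?? '') !== 'POST') {
        return 'state change must use POST';
    }
    // Browsers send Origin on cross-site POSTs; a foreign value means the form lives elsewhere.
    $origin = $server['HTTP_ORIGIN'] ?? null;
    if ($origin !== null && $origin !== $siteOrigin) {
        return 'cross-origin request';
    }
    $expected = $session['csrf_token'] ?? '';
    $supplied = $post['csrf_token'] ?? '';
    if (!is_string($supplied) || $expected === '' || !hash_equals($expected, $supplied)) {
        return 'missing or invalid CSRF token';
    }
    return null;
}

// Constructed requests: the same "add administrator" POST from three senders.
$session = [];
$token   = csrf_issue($session);
$site    = 'https://cms.example';
$cases = [
    'foreign page'          => [['REQUEST_METHOD' => 'POST', 'HTTP_ORIGIN' => 'https://other.example'], ['username' => 'newadmin']],
    'no Origin, no token'   => [['REQUEST_METHOD' => 'POST'], ['username' => 'newadmin']],
    'admin form with token' => [['REQUEST_METHOD' => 'POST', 'HTTP_ORIGIN' => $site], ['username' => 'newadmin', 'csrf_token' => $token]],
];
foreach ($cases as $name => [$server, $post]) {
    $reason = csrf_reject_reason($server, $post, $session, $site);
    echo $name, ': ', $reason === null ? 'accepted' : "rejected ($reason)", PHP_EOL;
}
```

Setting the session cookie with `SameSite=Lax` or `Strict` adds a second layer, since the browser then withholds the cookie on cross-site POSTs.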
