================================
#(+) Exploit Title: Quick CMS v3.0 Cross Site Request Forgery (Add Admin User)
#(+) Author : ^Xecuti0n3r
#(+) E-mail : xecuti0n3r()yahoo.com
#(+) Category : Web Apps [XSRF]
#(+) Dork : intext:"Quick.Cms v3.0" inurl:admin.php
#(+) Demo CMS Link: http://opensolution.org/Quick.Cms/demo_ext/admin.php admin||admin
1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0
0 _ __ __ __ 1
1 /' \ __ /'__`\ /\ \__ /'__`\ 0
0 /\_, \ ___ /\_\/\_\ \ \ ___\ \ ,_\/\ \/\ \ _ ___ 1
1 \/_/\ \ /' _ `\ \/\ \/_/_\_<_ /'___\ \ \/\ \ \ \ \/\`'__\ 0
0 \ \ \/\ \/\ \ \ \ \/\ \ \ \/\ \__/\ \ \_\ \ \_\ \ \ \/ 1
1 \ \_\ \_\ \_\_\ \ \ \____/\ \____\\ \__\\ \____/\ \_\ 0
0 \/_/\/_/\/_/\ \_\ \/___/ \/____/ \/__/ \/___/ \/_/ 1
1 \ \____/ >> Exploit database separated by exploit 0
0 \/___/ type (local, remote, DoS, etc.) 1
1 1
0 [+] Site : 1337day.com 0
1 [+] Support e-mail : submit[at]1337day.com 1
0 0
1 ######################################### 1
0 I'm ^Xecuti0n3r member from Inj3ct0r Team 1
1 ######################################### 0
0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1
#All you have to do is save the below code as exploit.html
#Then Host a website with the exploit.html file. A person with admin permissions if visits the site,
# will automatically add the attacker as Admin without warning ;)
____________________________________________________________________
____________________________________________________________________
Code:
Quick CMS v3.0 Cross Site Request Forgery (Add Admin User)
Quick CMS v3.0 Cross Site Request Forgery (Add Admin User)
================================
########################################################################
(+)Exploit Coded by: ^Xecuti0N3r
(+)Special Thanks to: MaxCaps, d3M0l!tioN3r, aNnIh!LatioN3r
(+)Gr33ts to : Inj3ct0r Operators Team : r0073r * Sid3^effectS * r4dc0re (www.1337day.com) + All the 31337 Members :)
(+)<3 to :Indian Cyber Army & Indishell Crew
#########################################################################(+) Exploit Title: Quick CMS v3.0 Cross Site Request Forgery (Edit Existing Admin details)
#(+) Author : ^Xecuti0n3r
#(+) E-mail : xecuti0n3r()yahoo.com
#(+) Category : Web Apps [XSRF]
#(+) Dork : intext:"Quick.Cms v3.0" inurl:admin.php
#(+) Demo CMS Link: http://opensolution.org/Quick.Cms/demo_ext/admin.php admin||admin
1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0
0 _ __ __ __ 1
1 /' \ __ /'__`\ /\ \__ /'__`\ 0
0 /\_, \ ___ /\_\/\_\ \ \ ___\ \ ,_\/\ \/\ \ _ ___ 1
1 \/_/\ \ /' _ `\ \/\ \/_/_\_<_ /'___\ \ \/\ \ \ \ \/\`'__\ 0
0 \ \ \/\ \/\ \ \ \ \/\ \ \ \/\ \__/\ \ \_\ \ \_\ \ \ \/ 1
1 \ \_\ \_\ \_\_\ \ \ \____/\ \____\\ \__\\ \____/\ \_\ 0
0 \/_/\/_/\/_/\ \_\ \/___/ \/____/ \/__/ \/___/ \/_/ 1
1 \ \____/ >> Exploit database separated by exploit 0
0 \/___/ type (local, remote, DoS, etc.) 1
1 1
0 [+] Site : 1337day.com 0
1 [+] Support e-mail : submit[at]1337day.com 1
0 0
1 ######################################### 1
0 I'm ^Xecuti0n3r member from Inj3ct0r Team 1
1 ######################################### 0
0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1
#All you have to do is save the below code as exploit.html
#Then Host a website with the exploit.html file. A person with admin permissions if visits the site,
# will automatically add the attacker as Admin without warning ;)
____________________________________________________________________
____________________________________________________________________
Code:
Quick CMS v3.0 Cross Site Request Forgery (Edit Existing Admin details)
Quick CMS v3.0 Cross Site Request Forgery (Edit Existing Admin details)
########################################################################
(+)Exploit Coded by: ^Xecuti0N3r
(+)Special Thanks to: MaxCaps, d3M0l!tioN3r, aNnIh!LatioN3r
(+)Gr33ts to : Inj3ct0r Operators Team : r0073r * Sid3^effectS * r4dc0re (www.1337day.com) + All the 31337 Members :)
(+)<3 to :Indian Cyber Army & Indishell Crew
########################################################################