CVE-2006-2737
Nukedit < 4.9.6 - Unauthenticated Arbitrary User Creation via GroupID Parameter
Title source: llm
Exploitation Summary
EIP tracks 1 public exploit for CVE-2006-2737. PoCs published by FarhadKey.
AI-analyzed exploit summary: This HTML PoC exploits an unauthorized admin account creation vulnerability in Nukedit CMS <= 4.9.6 by submitting a crafted registration form with hidden fields to elevate privileges. The exploit bypasses authentication by setting the 'groupid' to 1 (admin).
Description
utilities/register.asp in Nukedit 4.9.6 and earlier allows remote attackers to create new users as part of arbitrary groups, including the administrative group, via a modified groupid parameter when creating a user via the addDB action.