CVE-2010-2039

gpEasy CMS <= 1.6.2 - Cross-Site Request Forgery via Admin_Users Action


Exploitation Summary

EIP tracks 2 public exploits for CVE-2010-2039. PoCs published by Giuseppe 'giudinvx' D'Inverno, RajeshTiwiva.

AI-analyzed exploit summary: This exploit demonstrates a CSRF vulnerability in gpEasy <= 1.6.1, allowing an attacker to create an admin user by tricking an authenticated admin into submitting a malicious form.

Description

Cross-site request forgery (CSRF) vulnerability in gpEasy CMS 1.6.2, 1.6.1, and earlier allows remote attackers to hijack the authentication of administrators for requests that create new administrative users via an Admin_Users action to index.php. NOTE: some of these details are obtained from third party information.

Exploits (2)

exploitdb WORKING POC VERIFIED
by Giuseppe 'giudinvx' D'Inverno · html · webapps · php
https://www.exploit-db.com/exploits/12441

This exploit demonstrates a CSRF vulnerability in gpEasy <= 1.6.1, allowing an attacker to create an admin user by tricking an authenticated admin into submitting a malicious form.

Classification: Working PoC 100%
Attack Type: Auth Bypass
Complexity: Trivial
Reliability: Reliable
Target: gpEasy <= 1.6.1
Auth required
Prerequisites: Victim must be authenticated as an admin · Victim must be tricked into submitting the form
devstral-2 · analyzed Feb 16, 2026

nomisec WORKING POC
by RajeshTiwiva · poc
https://github.com/RajeshTiwiva/CVE-2010-2039

This PoC exploits an authentication bypass vulnerability in the target software by sending a crafted POST request to create a new admin user without proper authorization. The exploit leverages a flawed user creation mechanism in the Admin_Users endpoint.

Classification: Working PoC 90%
Attack Type: Auth Bypass
Complexity: Trivial
Reliability: Reliable
Target: Unknown (likely a CMS or web application with Admin_Users endpoint)
No auth needed
Prerequisites: Access to the target URL · Network connectivity to the target
devstral-2 · analyzed May 19, 2026

References (6)

Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/58214
Vendor Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2010/1030
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/39643
Exploit exploit x_refsource_exploit-db
http://www.exploit-db.com/exploits/12441
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://www.osvdb.org/64130

Scores

EPSS 0.0114
EPSS Percentile 62.5%

Details

CWE: CWE-352
Status: published
Products (5)
gpeasy/gpeasy_cms 1.5 (4 CPE variants)
gpeasy/gpeasy_cms 1.6 (6 CPE variants)
gpeasy/gpeasy_cms 1.6.1
gpeasy/gpeasy_cms 1.6.3
gpeasy/gpeasy_cms < 1.6.2
Published May 25, 2010
Tracked Since Feb 18, 2026