CVE-2018-25200

MEDIUM

OOP CMS BLOG 1.0 - Unauthenticated Cross-Site Request Forgery via addUser.php

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2018-25200. PoCs published by Ihsan Sencan.

AI-analyzed exploit summary: This exploit demonstrates a Cross-Site Request Forgery (CSRF) vulnerability in OOP CMS BLOG 1.0, allowing an attacker to add an admin user via a crafted POST request. The PoC includes both a raw HTTP request and an HTML form example.

Description

OOP CMS BLOG 1.0 contains a cross-site request forgery vulnerability that allows unauthenticated attackers to create administrative user accounts by crafting malicious POST requests. Attackers can submit forms to the addUser.php endpoint with parameters including userName, password, email, and role set to administrative privileges to gain unauthorized access.

Exploits (1)

exploitdb WORKING POC
by Ihsan Sencan · text · webapps · php
https://www.exploit-db.com/exploits/45794

Classification: Working PoC 90%
Attack Type: Auth Bypass
Complexity: Trivial
Reliability: Reliable
Target: OOP CMS BLOG 1.0
No auth needed
Prerequisites: Victim must be authenticated and tricked into submitting the form or request
devstral-2 · analyzed Mar 06, 2026

References (2)

Core References
Exploit, Third Party Advisory exploit
https://www.exploit-db.com/exploits/45794

Scores

CVSS v3: 5.3
EPSS: 0.0015
EPSS Percentile: 5.0%
Attack Vector: NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

CISA SSVC

Vulnrichment
Exploitation: poc
Automatable: yes
Technical Impact: partial

Details

CWE: CWE-352
Status: published
Products (1): tomalofficial/php_oop_cms_blog 1.0
Published: Mar 06, 2026
Tracked Since: Mar 06, 2026