objectif8 CSRF VULNERABILITY

Published
Credit
Risk
2017.05.12
Mohammad Babaee
Low
CWE
CVE
Local
Remote
CWE-352
N/A
No
Yes
Dork: intext:"Web site designed and developed by Objectif 8 Inc."

Exploit Title : objectif8 CSRF VULNERABILITY
Google Dork : intext:"Web site designed and developed by Objectif 8 Inc."
Date : 11/05/2017
Exploit Author : Mohammad Babaee
Vendor Homepage : http://www.objectif8.com/
Software Link : http://www.objectif8.com/
Version : 1.0
Tested on : Windows10 , Firefox

################################################################


Proof of concept : objectif8 CSRF VULNERABILITY

1 - Search this Google Dork : intext:"Web site designed and developed by Objectif 8 Inc."
2 - Find Websites With CSRF BUG
3 - Open One of them .... Like : example.com
4 - then go to this directory : example.com/[/rte/insert_link.htm]
5 - simple : example.com/rte/insert_link.htm
6 - The End .... Enjoy Of Hack !

DEMO :

https://isre.org/rte/insert_link.htm [CSRF VULNERABILITY]


# Discovered by : Mohammad Babaee


See this note in RAW Version

 
Bugtraq RSS
Bugtraq
 
CVE RSS
CVEMAP
 
REDDIT
REDDIT
 
DIGG
DIGG
 
LinkedIn
LinkedIn


Copyright 2017, cxsecurity.com