4 matches found
WSTMart 2.0.8 - Cross-Site Request Forgery (Add Admin) Vulnerability
Exploit for php platform in category web applications Exploit Title: WSTMart 2.0.8 - Cross-Site Request Forgery Add Admin Exploit Author: linfeng Vendor Homepage:https://github.com/wstmall/wstmart/ Software Link:http://www.wstmart.net/ Version: WSTMart 2.0.8181212 CVE :CVE-2018-19138 0x02 CSRF Po...
WSTMart 2.0.8 - Cross-Site Request Forgery (Add Admin)
WSTMart 2.0.8 - Cross-Site Request Forgery Add Admin Exploit Title: WSTMart 2.0.8 - Cross-Site Request Forgery Add Admin Date: 2018-12-23 Exploit Author: linfeng Vendor Homepage:https://github.com/wstmall/wstmart/ Software Link:http://www.wstmart.net/ Version: WSTMart 2.0.8181212 CVE...
WSTMart 2.0.8 - Cross-Site Request Forgery (Add Admin)
Exploit Title: WSTMart 2.0.8 - Cross-Site Request Forgery Add Admin Date: 2018-12-23 Exploit Author: linfeng Vendor Homepage:https://github.com/wstmall/wstmart/ Software Link:http://www.wstmart.net/ Version: WSTMart 2.0.8181212 CVE :CVE-2018-19138 0x02 CSRF PoC 18/5000 Function point: background...
CVE-2018-19138
CVE-2018-19138 affects WSTMart versions around 2.0.7/2.0.8. The vulnerability is a Cross‑Site Request Forgery (CSRF) via the URI index.php/admin/staffs/add.html, which can allow an attacker to force actions in the background (e.g., adding an admin) without user consent. Connected exploit referenc...