CVE-2018-16431 PoC — YFCMF 跨站请求伪造漏洞

Source

https://github.com/Rhyru9/CVE-2018-16431

Associated Vulnerability

Title:YFCMF 跨站请求伪造漏洞 (CVE-2018-16431)
Description:YFCMF是一款基于ThinkPHP的网站内容管理框架。 YFCMF 3.0版本中的admin/admin/adminsave.html页面存在跨站请求伪造漏洞。远程攻击者可利用该漏洞添加管理员账户。

Description

CVE-2018-16431 mass scanner and single target scan.

File Snapshot


 [4.0K]  /data/pocs/2d5fd075a3e53d1992a3dbb898a6cfb3fbf234f5
├── [6.9K]  CVE-2018-16341.py
├── [6.9K]  Mass-Checker.py
├── [  27]  requirements.txt
├── [ 72K]  Screenshot (37).png
└── [130K]  Screenshot (38).png

1 directory, 5 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!