CVE-2017-8382 PoC — Admidio 跨站请求伪造漏洞

Source

https://github.com/faizzaidi/Admidio-3.2.8-CSRF-POC-by-Provensec-llc

Associated Vulnerability

Title:Admidio 跨站请求伪造漏洞 (CVE-2017-8382)
Description:Admidio是一套免费的用于协会、团体和组织的在线会员管理系统。该系统提供用户管理、添加和更新主页以及安装和调整上面的模块等功能。 Admidio 3.2.8版本中的adm_program/modules/members/members_function.php文件存在跨站请求伪造漏洞。远程攻击者可利用该漏洞删除任意的用户账户。

Description

Admidio 3.2.8 Cross-Site Request Forgery Assigned CVE Number: CVE-2017-8382

Readme

# Admidio-3.2.8-CSRF-POC-by-Provensec-llc
Admidio 3.2.8 Cross-Site Request Forgery Assigned CVE Number: CVE-2017-8382

https://www.exploit-db.com/exploits/42005/

http://en.0day.today/exploit/27771

File Snapshot


 [4.0K]  /data/pocs/8cda8eee5751c2aee9973f04b49d7010fdf77c22
├── [643K]  Admidio 3.2.8 CSRF POC by Provensec llc.pdf
└── [ 199]  README.md

0 directories, 2 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!