Exploits / Vulnerability Discovered : 2019-08-08 |
Type : webapps |
Platform : php
This exploit / vulnerability Adive framework 2.0.7 crosssite request forgery is for educational purposes only and if it is used you will do on your own risk!
[+] Code ...
# Exploit Title: Adive Framework 2.0.7 – Cross-Site Request Forgery (CSRF)
# Date:02/08/2019.
# Exploit Author: Pablo Santiago
# Vendor Homepage: https://adive.es
# Software Link: https://github.com/ferdinandmartin/adive-php7
# Version: 2.0.7
# Tested on: Windows and Kali linux
# CVE :2019-14346
# 1. Technical Description:
# Adive Framework 2.0.7 and possibly before are affected by Cross-Site
#Request Forgery vulnerability, an attacker could change any user
password.