Ids6 dsspro digital signage system 6.2 crosssite request forgery (csrf) Vulnerability / Exploit
/
/
/
Exploits / Vulnerability Discovered : 2020-11-05 |
Type : webapps |
Platform : hardware
This exploit / vulnerability Ids6 dsspro digital signage system 6.2 crosssite request forgery (csrf) is for educational purposes only and if it is used you will do on your own risk!
Summary: iDS6 Software's DSSPro network digital signage management system
is a web-based server software solution for Windows.
Desc: The application interface allows users to perform certain actions via
HTTP requests without performing any validity checks to verify the requests.
This can be exploited to perform certain actions with administrative privileges
if a logged-in user visits a malicious web site.
Tested on: Microsoft Windows XP
Microsoft Windows 7
Microsfot Windows Server 2008
Microsoft Windows Server 2012
Microsoft Windows 10
Apache Tomcat/8.0.44
Apache Tomcat/6.0.35
Apache-Coyote/1.1
Apache Axis/1.4
MySQL 5.5.25
Java 1.8.0
Vulnerability discovered by Gjoko 'LiquidWorm' Krstic
@zeroscience