Home > CVE > CVE-2018-15187:Advanced Real Estate Script -4.0.9- has CSRF

CVE-2018-15187:Advanced Real Estate Script -4.0.9- has CSRF

CVE-2018-15187-Vikas chaudhary

My self Vikas chaudhary .I’m Cyber Security Analyst ,I found that specified PHP Scripts Mall Auditor Website 2.0.1 has CSRF vulnerability. To exploit the vulnerability, the following steps were taken.

VENDOR SUMMARY :-< PHP Scripts Mall Pvt. Ltd. is a professional software selling portal offering wide range of innovative PHP scripts PHP Scripts Mall is a leading business and technology firm with 12 years of successful track record in completion and implementation of numerous projects in various verticals and domains.. It has 300 plus PHP scripts ready to buy.

DESCRIPTION :-< The application allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. This can be exploited to perform certain actions with administrative privileges if a logged-in user visits a malicious web site.The issue is triggered when an unauthorized input passed via multiple POST and GET parameters are not properly sanitized before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user’s browser session in context of an affected site.

Step 1- Open Burp Suite =>make intercept on

CVE-2018-15187-Vikas chaudhary
CVE-2018-15187-Vikas chaudhary

Step 2- Go to Vendor link => https://www.phpscriptsmall.com/product/advanced-real-estate-script/ or Click here

Step 3- Click on sign up and register in using your mail , password and so on

CVE-2018-15187-Vikas chaudhary

Step 4- Verify your mail id

Step 5- Come back to site and sign in

Step 6- Go to Dashbord => Edit Profile and rename according you and click on update

Step 7- Burp will Capture the data

Step 8- Gererate CSRF PoC

CVE-2018-15187-Vikas chaudhary
CVE-2018-15187-Vikas chaudhary

My Previous CVE (Visit Once)…

ALL CVE
CVE-2018-15186
CVE-2018-15185
CVE-2018-15184
CVE-2018-15183
CVE-2018-15182
CVE-2018-15181
CVE-2018-15191

CONTACT US



Summary
Article Name=>
CVE-2018-15187
Description=>
Advanced Real Estate Script -4.0.9- has CSRF Vulnerability is Founded by Admin of this Blog .
Author=>
Publisher Name=>
www.gkaim.com
Admin
Welcome Sir, .. Myself Vikas Chaudhary , i was interested in general knowledge since childhood , so i thought why not to share my knowledge with you, that's why i created this educational blog. Here you find world wide general knowledge of all Latest technology , Science & History Que , and Mysterious fact of the world. Here you also find knowledge about cyber security. Thanks for visit.. keep supporting....keep Loving
https://www.gkaim.com

3 thoughts on “CVE-2018-15187:Advanced Real Estate Script -4.0.9- has CSRF

  1. I have noticed you don’t monetize your page, don’t waste your traffic, you can earn extra bucks every month.
    You can use the best adsense alternative for any type of website
    (they approve all websites), for more details simply search in gooogle: boorfe’s tips monetize your website

Leave a Reply

Your email address will not be published.

%d bloggers like this:
\