Burp Suite Professional - Security Researcher - Exploit Intelligence Platform

CVE-2017-14267 WRITEUP HIGH WORKING POC

EE 4GEE WiFi MBB < EE60_00_05.00_31 - CSRF

EE 4GEE WiFi MBB (before EE60_00_05.00_31) devices have CSRF, related to goform/AddNewProfile, goform/setWanDisconnect, goform/setSMSAutoRedirectSetting, goform/setReset, and goform/uploadBackupSettings.

CVSS 8.8

View Code

CVE-2020-18418 WRITEUP HIGH WORKING POC

FeiFeiCMS v4.1.190209 - Cross-Site Request Forgery via Admin Account Creation

A Cross site request forgery (CSRF) vulnerability was discovered in FeiFeiCMS v4.1.190209, which allows attackers to create administrator accounts via /index.php?s=Admin-Admin-Insert.

CVSS 8.8

View Code

CVE-2022-42199 WRITEUP HIGH WORKING POC

Simple Exam Reviewer Management System 1.0 - Cross-Site Request Forgery via Exam List

Simple Exam Reviewer Management System v1.0 is vulnerable to Cross Site Request Forgery (CSRF) via the Exam List.

CVSS 8.8

View Code

CVE-2024-35011 WRITEUP MEDIUM WORKING POC

idccms v1.35 - Cross-Site Request Forgery via /admin/infoType_deal.php

idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/infoType_deal.php?mudi=rev&nohrefStr=close.

CVSS 5.4

View Code

CVE-2024-35012 WRITEUP MEDIUM WORKING POC

idccms v1.35 - Cross-Site Request Forgery via /admin/infoType_deal.php

idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/infoType_deal.php?mudi=add&nohrefStr=close.

CVSS 6.3

View Code

CVE-2024-35556 WRITEUP HIGH WORKING POC

idccms v1.35 - Cross-Site Request Forgery via /admin/vpsSys_deal.php?mudi=infoSet

idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/vpsSys_deal.php?mudi=infoSet.

CVSS 8.8

View Code

CVE-2024-36667 WRITEUP HIGH WORKING POC

idccms v1.35 - Cross-Site Request Forgery via /admin/idcProType_deal.php

idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/idcProType_deal.php?mudi=add&nohrefStr=close

CVSS 8.8

View Code

CVE-2024-39153 WRITEUP MEDIUM WORKING POC

idccms v1.35 - Cross-Site Request Forgery via /admin/info_deal.php

idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/info_deal.php?mudi=del&dataType=news&dataTypeCN.

CVSS 4.7

View Code

CVE-2024-39158 WRITEUP HIGH WORKING POC

idccms v1.35 - Cross-Site Request Forgery via /admin/userSys_deal.php?mudi=infoSet

idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/userSys_deal.php?mudi=infoSet.

CVSS 8.8

View Code

CVE-2025-7078 WRITEUP MEDIUM WORKING POC

07flycms and 07FlyCRM < 1.3.9 - Cross-Site Request Forgery

A vulnerability classified as problematic was found in 07FLYCMS, 07FLY-CMS and 07FlyCRM up to 1.3.9. This vulnerability affects unknown code. The manipulation leads to cross-site request forgery. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. This product is published under multiple names. The vendor was contacted early about this disclosure but did not respond in any way.

CVSS 4.3

View Code