The exploit demonstrates multiple vulnerabilities in OpenAuto 1.6.3, including XSS, XSRF, Blind SQLi, and Captcha bypass. It provides functional PoC code for each vulnerability, including curl commands and HTML forms.
Classification
Working Poc 100%
Attack Type
Xss | Sqli | Auth Bypass | Other
Complexity
Moderate
Reliability
Reliable
Target:OpenAuto 1.6.3
Auth required
Prerequisites:Access to the target application · User account for Blind SQLi · Dealer account for editing listings