This exploit demonstrates a CSRF vulnerability in TypeSetter CMS 5.1, allowing an attacker to change the admin email address via a crafted HTML form. The PoC includes a valid HTTP request and a functional HTML form to trigger the vulnerability.
Classification
Working Poc 95%
Attack Type
Auth Bypass
Complexity
Trivial
Reliability
Reliable
Target:TypeSetter CMS 5.1
No auth needed
Prerequisites:Victim must be authenticated as admin and visit the malicious HTML page