|\ /| | -------- |\ /| -------/ |---------/ | \ / | | | | \ / | / | / | \ / | | | | \ / | / | / | \ / | | | | \ / | / | / | \/ | | | | \/ | / | / | | | | | | / |----/ | | | | | | /----- | \ | | | | | | / | \ | | | | | | / | \ | | | | | | / | \ | | | | | | / | \ | | | | | | / | \ | | | | | | / | \ @mitm3r ----------------------------------------------------------------------------------------------- Site: https://www.rentmystay.com/ ----------------------------------------------------------------------------------------------- ###################### # Exploit Title : Rentmystay CSRF + XSS account takeover # Exploit Author : mitm3r # Contact: botsec0@gmail.com # Vendor Homepage : https://www.rentmystay.com/ # Tested On : Windows 10 / Linux mint ###################### # Target: https://www.rentmystay.com/ # Vulnerable link 1 https://www.rentmystay.com/account/account_settings [TAKEOVER WITH EMAIL] #Exploit
" />
# Vulnerable link 2 https://www.rentmystay.com/account/account-password [TAKEOVER WITH PASSWORD] #Exploit
# Fix/Patch Use Anti-CSRF token in the website and for Password takeover CSRF at least ask for 'Current password' in password change form. # siph0n [2018-12-10]