N-13 News 3.4 Remote Admin Add CSRF Exploit

Exploit for php platform in category web applications Title: N-13 News 3.4 Remote Admin Add CSRF Exploit Author : anT!-Tr0J4n Email : D3v-PoinTathotmaild0tcom & C1EHatHotmaild0tcom Greetz : Dev-PoinT.com ; hack-book.com // GlaDiatOr ; Coffin Of Evil ;The Sword; Cyber-Err0r ; R3d-D3v1L special...

S40 CMS v.0.4.1 Change Admin Passwd CSRF Exploit

Exploit for php platform in category web applications In The Name Of GOD + Exploit Title:remote change user and password exploit + Date: 2010 + script:S40 CMS v.0.4.1 beta + Software: http://s40.biz/?p=download + Author : pentesters.ir +discovered by:ahmadbady + Contact : email protected + Websit...

phpKF Forum 1.80 profil_degistir.php CSRF Exploit

Exploit for php platform in category web applications ================================================= phpKF Forum 1.80 profildegistir.php CSRF Exploit ================================================= Exploit Title : phpKF Forum profildegistir.php CSRF Exploit. Google Dork : php Kolay Forum php...

phpKF Forum 1.80 Cross Site Request Forgery

Exploit Title : phpKF Forum profildegistir.php CSRF Exploit. Google Dork : php Kolay Forum phpKF © 2007 - 2010 phpKF Ekibi Date : 05-12-2010 Author : FreWaL Software Link : http://www.phpkf.com/dosya.php?no=935 Version : 1.80 and tested on All version My Website : www.imhatimi.org & www.ihtilal.i...

Mosets Tree 2.1.6 Cross Site Request Forgery

'; / page - any one of: pageaddCategory pageaddListing pageadvSearchRedirect pageadvSearchResults pageadvSearch pageclaim pageconfirmDelete pagecontactOwner pageerrorListing pageerror pagegallery pageimage pageindex pagelistAlpha pagelisting pagelistListings pageownerListing pageprint pagerecomme...

Event Ticket Portal Script Cross Site Request Forgery

=========================================================== Event Ticket PORTAL Explotation| Exploit.HTML ========CSRF Html Exploit========= Event Ticket PORTAL - Admin Password Chage CSRF Exploited by KnocKout Username: New Password: input type="subm...

ecshop modify any user password vulnerability of the CSRF exploit-vulnerability warning-the black bar safety net

ecshop in the design of the authentication mechanism when there is a problem, resulting in malicious users can steal other user's password, this process can be byxssand csrf to achieve Vulnerability exp: html body form action="http://www.chinasg.tk/ecshop/user.php" method="POST" INPUT TYPE="text"...

piwigo-2.1.2 - Multiple Vulnerabilities

--=Sql injection=-- http://www.target.com/path/[email protected]&author=sweet&cat=1SQLi&since=1&sortby=date&sortorder=DESC&itemsnumber=5 http://www.target.com/path/picture.php?1sweetSQLi&action=rate=0 http://www.target.com/path/index.php?/search/10SQli --=Stored Xss=-- Admi...

"ecshop修改任意用户密码漏洞"的CSRF利用

简要描述： ecshop在设计认证机制的时候存在一个问题，导致恶意用户可以窃取其他用户的密码，这个过程可以通过xss和csrf实现 Demo For:http://www.wooyun.org/bug.php?action=view&id=395 详细说明： 利用csrf和xss可以突破官方所说的“障碍” xss版本已经有人说明 这里给出csrf版本 漏洞证明： document.forms0.submit; 构造该网页，用户在登录情况下访问该网页将导致email以及一些其他安全信息丢失...

Wizmall 6.4 Cross Site Request Forgery

Exploit Title: wizmall 6.4 CSRF Vulnerabilities Date: 08/10/2010 Author: pyw1414 Software Link: http://www.shop-wiz.com/board/main/view/root/wizmall01/159/0 Version: 6.4 UTF-8 For php Tested on: XP SP3 -= CSRF Exploit - Change Admin ID/PW =- Wizmall 6.4 UTF-8 For php CSRF Vulnerabilities - Change...

wizmall 6.4 - Cross-Site Request Forgery

wizmall 6.4 - Cross-Site Request Forgery Exploit Title: wizmall 6.4 CSRF Vulnerabilities Date: 08/10/2010 Author: pyw1414 Software Link: http://www.shop-wiz.com/board/main/view/root/wizmall01/159/0 Version: 6.4 UTF-8 For php Tested on: XP SP3 -= CSRF Exploit - Change Admin ID/PW =- Wizmall 6.4...

wizmall 6.4 - Cross-Site Request Forgery

Exploit Title: wizmall 6.4 CSRF Vulnerabilities Date: 08/10/2010 Author: pyw1414 Software Link: http://www.shop-wiz.com/board/main/view/root/wizmall01/159/0 Version: 6.4 UTF-8 For php Tested on: XP SP3 -= CSRF Exploit - Change Admin ID/PW =- Wizmall 6.4 UTF-8 For php CSRF Vulnerabilities - Change...

Uploader 0.1.5 - Multiple Vulnerabilities

======================================================================================== | Title : Uploader 0.1.5 Mullti Vulnerability | Author : indoushka | email : [email protected] | Home : www.iqs3cur1ty.com | Script : Powered by Uploader 0.1.5 | Tested on: windows SP2 Français V.Pnx2 2.0...

Uploader v0.1.5 Multiple Vulnerabilities

Exploit for php platform in category web applications ======================================== Uploader v0.1.5 Multiple Vulnerabilities ======================================== ======================================================================================== | Title : Uploader 0.1.5 Mullti...

68kb Knowledge Base v1.0.0rc3 edit main settings CSRF

Exploit for php platform in category web applications ===================================================== 68kb Knowledge Base v1.0.0rc3 edit main settings CSRF ===================================================== Exploit Title: 68kb Knowledge Base v1.0.0rc3 edit main settings CSRF Date:...

Harris Stratex StarMAX subscriber station running config CSRF exploit

===================================================================== Harris Stratex StarMAX subscriber station running config CSRF exploit ===================================================================== 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' /' / ...

Ane CMS CSRF Vulnerability

Exploit for unknown platform in category web applications ========================== Ane CMS CSRF Vulnerability ========================== Vulnerability found in- Admin module Credit by Pratul Agrawal Software AneCMS Category CMS / Portals Plateform php Proof of concept Targeted URL:...

Litespeed Web Server 4.0.12 Cross Site Request Forgery / Cross Site Scripting

Exploit Title: Litespeed Web Server - Add Admin CSRF and XSS Vulnerabilities Date: 2010-02-04 Author: d1dn0t didnotatmedotcom Software Link: http://www.litespeedtech.com/litespeed-web-server-downloads.html Version: 4.0.12 Greetz: Muts/Ryujin/KernelSaunders 0x00 Product Description LiteSpeed Web...

Easy Banner Pro - Cross-Site Request Forgery (Add Admin)

Easy Banner Pro - Cross-Site Request Forgery Add Admin Title: Easy Banner Pro - CSRF Create Administrator Account Date: 14/12/2009 Author: bi0 Software Link: http://scripts-gate.com/4/easy-banner-pro-banner-exchange-script.html CVE : /\ == \ /\ \ /\ \ \ \ in...

Piwigo 2.0.6 - Multiple Vulnerabilities

Piwigo 2.0.6 - Multiple Vulnerabilities Piwigo v2.0.6 Multiple Vulnerabilities Found By: mrme Download: http://piwigo.org/ Tested On: Windows Vista Note: For educational purposes only Vulnerabilities: XSS, CSRF, SQL Injection Author contact date: 13/12/09 Note: There is possibly many other...