Prediction Football 2.51 – Cross-Site Request Forgery

Exploit Database
17 阅读

作者： Smith Falcon

日期： 2011-08-14
类别：
- webapps
平台：
- php
来源：https://www.exploit-db.com/exploits/17666/

# Exploit Title: [title]
# Google Dork: [if relevant]intext:"Prediction football 2.51"
# Date: 08/08/2011
# Author: Smith Falcon
# Software Link: http://www.predictionfootball.com/download/download.html
# Version: 2.51
# Tested on: Linux

First create a username and go to Account Profile

The POST variable in index.php?cmd=changepass is vulnerable to CSRF

Grab Header Information with HTTP Live headers and replay the POST VARIABLE

&OLDPWD=anything&USERID=[id of user u want pwd
changed]&PWD1=[newpass]&PWD2=[newpass]&ChangePwd=Change+Password

REPLAY with new password of the userid and logout!
Now you can login with that desired user and password!

last Exploits
Prediction Football 2.51 – Cross-Site Request Forgery的更多信息

Bitrix bitrix.xscan Module 1.0.3 – Directory Traversal：
Rostermain 1.1 – Authentication Bypass：
vBulletin 5.0 < 5.5.4 - 'updateAvatar' Authenticated Remote Code Execution：
dotProject 2.1.5 – Multiple Vulnerabilities：
Under Construction Page with CPanel 1.0 – SQL injection：
DBPower C300 HD Camera – Remote Configuration Disclosure：
Flyspray 0.9.9.6 – Cross-Site Request Forgery：
WordPress Plugin SH Slideshow 3.1.4 – SQL Injection：