# Exploit Title :----------- : Colorful Blog - Cross-Site Request Forgery (Change Admin Pass) # Author :------------------ : Besim # Google Dork :---------- : - # Date :--------------------- : 13/10/2016 # Type :--------------------- : webapps # Platform :---------------- : PHP # Vendor Homepage :-- : - # Software link :---------- : http://wmscripti.com/php-scriptler/colorful-blog-scripti.html Description : You can change admin's password with CSRF, if you know admin's username ########################### CSRF PoC ############################### ####################################################################