# Title: PHP Product Catalog - [ CSRF ] Change Administrator Password # Date: 28/1/2010 # Author: bi0 # Software Link: http://www.tantumweb.com # CVE : () ______ __ ______ /\ == \ /\ \ /\ __ \ \ \ __< \ \ \ \ \ \/\ \ \ \_____\ \ \_\ \ \_____\ \/_____/ \/_/ \/_____/ 01000010 01101001 01001111 [#]----------------------------------------------------------------[#] # # [+] PHP Product Catalog - [ CSRF ] Change Administrator Password # # // Author Info # [x] Author: bi0 # [x] Contact: bukibv@hotmail.com # [x] Thanks: Pig,packetdeath,redking,sp1r1t and all my friends # [x] IRC : irc.clickshqip.com / #itsecurity # [#]-------------------------------------------------------------------------------------------[#] # # [x] Exploit : # # [ CSRF ] # # [ Login ] # http://[server]/[path]/admin.php # # // Start CSRF |-------------------------------------------------------------------------------|
Admin :
Passwd
Email :
|-------------------------------------------------------------------------------| # // End of attack # [#]------------------------------------------------------------------------------------------[#] #EOF _________________________________________________________________ Hotmail: Powerful Free email with security by Microsoft. https://signup.live.com/signup.aspx?id=60969