Exploit Title: Wolf CMS Change Admin Password CSRF Date: 2010-04-03 Author: Stefan M. Software Link: http://www.wolfcms.org/ Version: 0.6.0a Email: stefo@cia.com GreeTz to: d14l(a.k.a Teo) & baltazar --- START OF HTML CODE ---
--- END OF HTML CODE --- You dont have to change username of the administrator,since this code will change the password of the user with the ID 1. After the victim executes this code,the password will be changed to your desired password. Later,just visit: http://[website]/admin/?/login and type username: admin password: [desired password] # If you have any questions whatsoever,feel free to contact me.