============================================= gpEasy <= 1.6.1 CSRF Remote Add Admin Exploit ============================================= Author : Giuseppe 'giudinvx' D'Inverno Email : Date : 04-29-2010 Site : http://www.giudinvx.altervista.org/ Location : Naples, Italy -------------------------------------------------------- Application Info Site : http://www.gpeasy.com/ Version: 1.6.1 -------------------------------------------------------- ==============[[ -Exploit Code- ]]============== # Now you have an Admin user with name: xxx and password: xxx, just login page [path]/index.php/Admin