[Exploit]  [Remote]  [Local]  [Web Apps]  [Dos/Poc]  [Shellcode]  [RSS]

# Title : ZenPhoto Gallery 1.2.5 Admin Password Reset (CRSF)
# Published : 2009-07-16
# Author : petros
# Previous Title : webLeague 2.2.0 (Auth Bypass) Remote SQL Injection Exploit
# Next Title : VS PANEL 7.5.5 (results.php Cat_ID) SQL Injection Vulnerability


<?php
####################################################################
#     Zen Photo Adminstrator Password Steal/Reset Exploit          #
#+================================================================+#
#     Discovered and coded by petros [at] dusecurity.com           #
#+----------------------------------------------------------------+#
#     Affects: ZenPhoto Gallery 1.2.5		                   #
#+----------------------------------------------------------------+#
# Zenphoto is an answer to lots of calls for an online             #
# gallery solution that just makes sense. After years of           #
# bloated software that does everything and your dishes,           #
# zenphoto just shows your photos, simply. Ita