Through CSRF you can change the admin password,is not so inoffensive. Can be used with XSS,redirected from XSS.
Basic example
- Code snippet from test.php
-----------------------------------------
<?php
check_auth();
if(isset($_GET['news']))
{ unlink('files/news'.$news.'.txt'); }
else {
die('File not deleted'); }
?>
Basic example
- Code snippet from test.php
-----------------------------------------
<?php
check_auth();
if(isset($_GET['news']))
{ unlink('files/news'.$news.'.txt'); }
else {
die('File not deleted'); }
?>