PHP Melody 1.9   CSRF  vulnerabilitie
------------------------------------------------------------
 
== Description ==
- Software link: http://www.dl.seven7soft.net/script/PHPMELODY1.9.zip
- Affected versions: version  1.9 .other versions might be affected as well.
- Vulnerability discovered by: Mehdi Dadkhah(Isfahan)(Email: mehdidadkhah@live.com)
-Google Dork: intext:"PHP Melody 1.9 powered by PHP Melody."


== Vulnerabilities ==
#CSRF Address :http://site.com/admin/login.php

== Proof of concept ==
 - For the CSRF Address ,we have:
#CSRF Address :http://site.com/admin/login.php
Form name: login
Form action: http://site.com/admin/login.php
Form method: POST

Form inputs:
ausername [Text]
apassword [Password]

An attacker may force the users of a web application to execute actions of the attacker's choosing. A successful CSRF exploit can compromise
end user data and operation in case of normal user. If the targeted end user is the administrator account, this can compromise the entire web
application.
== Solution ==
Check if this form requires CSRF protection and implement CSRF countermeasures if necessary.