MkPortal Urlobox Cross Site Request Forgery

[info () burnhead it]

MkPortal Urlobox Cross Site Request Forgery

Discovered by: Demential
Web: http://www.burnhead.it
E-mail: info () burnhead it
Mkportal website: http://www.mkportal.it

posting [img]?ind=urlobox&op=delete&idurlo=X[/img] in MkPortal urlobox
where X is an ID of a message,
when administrator opens urlobox page
message X will be erased.