i was using w3af for scanning the vulnerable website, not because i wonder to hack or what, but just for testing how the w3af run for. ok just to the point, when i try this tool, i always got this message : The URL: http://www.site.com/index.php is vulnerable to cross site request forgery. It allows the attacker to exchange the method from POST to GET when sending data to the server.
wish anyone can explain what did it means?