============================================================================================================================================= | # Title : Vehicle Service Management System 1.0 CSRF Add Admin Vulnerability | | # Author : indoushka | | # Tested on : windows 10 Fr(Pro) / browser : Mozilla firefox 130.0.0 (64 bits) | | # Vendor : https://www.kashipara.com/project/php/10641/online-vehicle-service-management-system | ============================================================================================================================================= poc : [+] Dorking İn Google Or Other Search Enggine. [+] This payload inject new admin account. [+] Line 6 Set your Target. [+] Line 15+19 Set your user & pass. [+] save payload as poc.html [+] payload : Greetings to :===================================================================================== jericho * Larry W. Cashdollar * LiquidWorm * Hussin-X * D4NB4R * Malvuln (John Page aka hyp3rlinx)| ===================================================================================================