EIP-2026-105723

This exploit demonstrates a Cross-Site Request Forgery (CSRF) vulnerability in Card Payment 1.0, allowing an attacker to update admin credentials via a crafted POST request. The PoC includes a raw HTTP request with parameters to modify the admin username and password.