| عنوان | ajayrandhawa/User-Management-PHP-MYSQL web 1 Cross-Site Request Forgery |
|---|
| الوصف | This project has a CSRF vulnerability. After downloading the project and successfully deploying it locally, log in to the administrator account.
The operations of deleting users and changing user status are executed via GET requests, with no CSRF protection measures in place. Attackers can trick administrators into clicking malicious links to delete any user or modify the status of any user. |
|---|
| المصدر | ⚠️ https://github.com/Lianhaorui/Report/blob/main/CSRF-10.11.7z |
|---|
| المستخدم | lianhaorui (UID 91045) |
|---|
| ارسال | 11/10/2025 03:37 PM (8 أشهر منذ) |
|---|
| الاعتدال | 25/10/2025 08:25 AM (14 days later) |
|---|
| الحالة | تمت الموافقة |
|---|
| إدخال VulDB | 329872 [ajayrandhawa User-Management-PHP-MYSQL web حتى fedcf58797bf2791591606f7b61fdad99ad8bff1 تزوير طلبات عبر المواقع] |
|---|
| النقاط | 19 |
|---|