إرسال #742653: SourceCodester Medical Certificate Generator App 1.0 Cross-Site Request Forgeryالمعلومات

عنوان	SourceCodester Medical Certificate Generator App 1.0 Cross-Site Request Forgery
الوصف	The SourceCodester Medical Certificate Generator App is vulnerable to Cross-Site Request Forgery (CSRF), which allows an attacker to arbitrarily delete medical certificate records by tricking an authenticated user into submitting a crafted malicious request. The affected endpoint handles state-changing POST requests without enforcing any anti-CSRF protection mechanisms, such as unique CSRF tokens, strict origin or referer validation, or SameSite cookie restrictions. As a result, the application relies solely on session cookies for request authorization, making it susceptible to CSRF attacks.
المصدر	⚠️ https://github.com/Asim-QAZi/Cross-Site-Request-Forgery-Arbitrary-Medical-Certificate-Deletion
المستخدم	moasim (UID 93970)
ارسال	20/01/2026 11:24 AM (5 أشهر منذ)
الاعتدال	01/02/2026 05:39 PM (12 days later)
الحالة	تمت الموافقة
إدخال VulDB	343676 [SourceCodester Medical Certificate Generator App 1.0 تزوير طلبات عبر المواقع]
النقاط	20

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!