| Titel | PHPGurukul Complaint Management System 2.0 Cross-Site Request Forgery |
|---|
| Beschreibung | A Cross-Site Request Forgery (CSRF) vulnerability exists in the Complaint Management System V2.0.
Source code address:https://phpgurukul.com/complaint-management-sytem/
The backend lacks any defensive measures against CSRF, such as CSRF tokens or HTTP Referer verification. If the victim is an administrator or privileged user, the consequences may include gaining complete control over the web application, such as deleting or modifying data.
We give an example. Deleting a user also deletes related complaints submitted by the user, severely compromises the integrity and availability of the system. |
|---|
| Quelle | ⚠️ https://github.com/N1n3b9S/cve/issues/8 |
|---|
| Benutzer | Anonymous User |
|---|
| Einreichung | 16.07.2025 09:26 (vor 9 Monaten) |
|---|
| Moderieren | 18.07.2025 21:20 (2 days later) |
|---|
| Status | Akzeptiert |
|---|
| VulDB Eintrag | 316938 [PHPGurukul Complaint Management System 2.0 Cross Site Request Forgery] |
|---|
| Punkte | 20 |
|---|