Invia #673435: ajayrandhawa/User-Management-PHP-MYSQL web 1 Cross-Site Request Forgeryinformazioni

Titoloajayrandhawa/User-Management-PHP-MYSQL web 1 Cross-Site Request Forgery
DescrizioneThis project has a CSRF vulnerability. After downloading the project and successfully deploying it locally, log in to the administrator account. The operations of deleting users and changing user status are executed via GET requests, with no CSRF protection measures in place. Attackers can trick administrators into clicking malicious links to delete any user or modify the status of any user.
Fonte⚠️ https://github.com/Lianhaorui/Report/blob/main/CSRF-10.11.7z
Utente
 lianhaorui (UID 91045)
Sottomissione11/10/2025 15:37 (8 mesi fa)
Moderazione25/10/2025 08:25 (14 days later)
StatoAccettato
Voce VulDB329872 [ajayrandhawa User-Management-PHP-MYSQL web fino a fedcf58797bf2791591606f7b61fdad99ad8bff1 cross site request forgery]
Punti19

PrecedenteVisione D'ensembleIl prossimo

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!