| タイトル | PHPGurukul Complaint Management System 2.0 Cross-Site Request Forgery |
|---|
| 説明 | A Cross-Site Request Forgery (CSRF) vulnerability exists in the Complaint Management System V2.0.
Source code address:https://phpgurukul.com/complaint-management-sytem/
The backend lacks any defensive measures against CSRF, such as CSRF tokens or HTTP Referer verification. If the victim is an administrator or privileged user, the consequences may include gaining complete control over the web application, such as deleting or modifying data.
We give an example. Deleting a user also deletes related complaints submitted by the user, severely compromises the integrity and availability of the system. |
|---|
| ソース | ⚠️ https://github.com/N1n3b9S/cve/issues/8 |
|---|
| ユーザー | Anonymous User |
|---|
| 送信 | 2025年07月16日 09:26 (9 月 ago) |
|---|
| モデレーション | 2025年07月18日 21:20 (2 days later) |
|---|
| ステータス | 承諾済み |
|---|
| VulDBエントリ | 316938 [PHPGurukul Complaint Management System 2.0 クロスサイトリクエストフォージェリ] |
|---|
| ポイント | 20 |
|---|