| 제목 | PHPGurukul Complaint Management System 2.0 Cross-Site Request Forgery |
|---|
| 설명 | A Cross-Site Request Forgery (CSRF) vulnerability exists in the Complaint Management System V2.0.
Source code address:https://phpgurukul.com/complaint-management-sytem/
The backend lacks any defensive measures against CSRF, such as CSRF tokens or HTTP Referer verification. If the victim is an administrator or privileged user, the consequences may include gaining complete control over the web application, such as deleting or modifying data.
We give an example. Deleting a user also deletes related complaints submitted by the user, severely compromises the integrity and availability of the system. |
|---|
| 원천 | ⚠️ https://github.com/N1n3b9S/cve/issues/8 |
|---|
| 사용자 | Anonymous User |
|---|
| 제출 | 2025. 07. 16. AM 09:26 (9 개월 ago) |
|---|
| 모더레이션 | 2025. 07. 18. PM 09:20 (2 days later) |
|---|
| 상태 | 수락 |
|---|
| VulDB 항목 | 316938 [PHPGurukul Complaint Management System 2.0 교차 사이트 요청 위조] |
|---|
| 포인트들 | 20 |
|---|