| 제목 | ajayrandhawa/User-Management-PHP-MYSQL web 1 Cross-Site Request Forgery |
|---|
| 설명 | This project has a CSRF vulnerability. After downloading the project and successfully deploying it locally, log in to the administrator account.
The operations of deleting users and changing user status are executed via GET requests, with no CSRF protection measures in place. Attackers can trick administrators into clicking malicious links to delete any user or modify the status of any user. |
|---|
| 원천 | ⚠️ https://github.com/Lianhaorui/Report/blob/main/CSRF-10.11.7z |
|---|
| 사용자 | lianhaorui (UID 91045) |
|---|
| 제출 | 2025. 10. 11. PM 03:37 (8 개월 ago) |
|---|
| 모더레이션 | 2025. 10. 25. AM 08:25 (14 days later) |
|---|
| 상태 | 수락 |
|---|
| VulDB 항목 | 329872 [ajayrandhawa User-Management-PHP-MYSQL web 까지 fedcf58797bf2791591606f7b61fdad99ad8bff1 교차 사이트 요청 위조] |
|---|
| 포인트들 | 19 |
|---|