| Título | code-projects School Fees Payment System 1.0 Cross-Site Request Forgery |
|---|
| Descrição | During security assessment of "School Fees Payment System", a CSRF vulnerability was discovered in all functionalities that modify the system status and user data. The system lacks CSRF protection mechanisms, enabling attackers to forge malicious requests that execute privileged actions via authenticated victims' browsers. Immediate implementation of anti-CSRF measures is required to prevent unauthorized operations. |
|---|
| Fonte | ⚠️ https://github.com/tuooo/CVE/issues/15 |
|---|
| Utilizador | DS_Leo (UID 86084) |
|---|
| Submissão | 14/06/2025 12h37 (há 10 meses) |
|---|
| Moderação | 19/06/2025 12h34 (5 days later) |
|---|
| Estado | Aceite |
|---|
| Entrada VulDB | 313336 [code-projects School Fees Payment System 1.0 Falsificação de Pedido entre Sites] |
|---|
| Pontos | 19 |
|---|