Submeter #673435: ajayrandhawa/User-Management-PHP-MYSQL web 1 Cross-Site Request Forgeryinformação

Títuloajayrandhawa/User-Management-PHP-MYSQL web 1 Cross-Site Request Forgery
DescriçãoThis project has a CSRF vulnerability. After downloading the project and successfully deploying it locally, log in to the administrator account. The operations of deleting users and changing user status are executed via GET requests, with no CSRF protection measures in place. Attackers can trick administrators into clicking malicious links to delete any user or modify the status of any user.
Fonte⚠️ https://github.com/Lianhaorui/Report/blob/main/CSRF-10.11.7z
Utilizador
 lianhaorui (UID 91045)
Submissão11/10/2025 15h37 (há 9 meses)
Moderação25/10/2025 08h25 (14 days later)
EstadoAceite
Entrada VulDB329872 [ajayrandhawa User-Management-PHP-MYSQL web até fedcf58797bf2791591606f7b61fdad99ad8bff1 Falsificação de Pedido entre Sites]
Pontos19

VoltarVisão GeralPróximo

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!