Отправить #551301: Script And Tools e-Commerce 3.0 3.0 Cross-Site Request Forgery (CSRF)Информация

НазваниеScript And Tools e-Commerce 3.0 3.0 Cross-Site Request Forgery (CSRF)
ОписаниеTitle of the Vulnerability: Script and Tools | eCommerce 3.0 | admin/customer-delete.php - CSRF Vulnerability Class: Cross-Site Request Forgery (CSRF) Product Name: eCommerce 3.0 Vendor: https://github.com/scriptandtools/ Vulnerable Product Link: https://github.com/scriptandtools/eCommerce-website-in-PHP Technical Details & Description: The application source code is coded in a way which allows : Cross-Site Request Forgery (CSRF) Product & Service Introduction: eCommerce-3.0 Observation & Exploitation: Here,The Vulnerable File Is: /admin/subscriber-delete.php Who will be affected of this attack? ->The Admin! Because Hackers will be able to delete the Subscriber Data List! Thus the admin will lose the big email list if his subscribers!
Источник⚠️ https://www.websecurityinsights.my.id/2025/04/script-and-tools-ecommerce-30_79.html?m=1
Пользователь
 MaloyRoyOrko (UID 79572)
Представление04.04.2025 15:31 (1 Год назад)
Модерация16.04.2025 02:49 (11 days later)
СтатусДубликат
Запись VulDB304598 [ScriptAndTools eCommerce-website-in-PHP 3.0 подделка межсайтовых запросов]
Баллы0

ПредыдущийОбзорДалее

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!