Отправить #800691: code-projects Invoice System in Laravel 1.0 Cross-Site Request Forgery (CSRF) + Weak Session HandlingИнформация

Название	code-projects Invoice System in Laravel 1.0 Cross-Site Request Forgery (CSRF) + Weak Session Handling
Описание	The logout functionality is implemented as a GET request and does not require a CSRF token. This allows an attacker to force a victim to log out of the application by tricking them into clicking a link or loading a malicious image tag that points to the logout URL.
Источник	⚠️ https://gist.github.com/higordiego/e25a1bb5cf93ffbda2e80b6cbc031a8b
Пользователь	c4ttr4ck (UID 75518)
Представление	09.04.2026 03:47 (2 месяцы назад)
Модерация	26.04.2026 16:45 (18 days later)
Статус	принято
Запись VulDB	359709 [code-projects Invoice System in Laravel 1.0 подделка межсайтовых запросов]
Баллы	17

Interested in the pricing of exploits?

See the underground prices here!