| Title | code-projects Blood Bank Management System 1 Cross-Site Request Forgery |
|---|
| Description | There is a CSRF vulnerability on this endpoint `/file/updateprofile.php` which allows a remote user to update the user details of a hospital and can can lead to account takeover as the attacker can update all the information from the email to the password effectively increasing chances of account takeover |
|---|
| Source | ⚠️ https://github.com/bevennyamande/bloodbank_profile_update_csrf |
|---|
| User | 0xbeven (UID 76739) |
|---|
| Submission | 10/28/2024 21:41 (2 years ago) |
|---|
| Moderation | 10/30/2024 20:38 (2 days later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 282559 [code-projects Blood Bank Management System 1.0 /file/updateprofile.php cross-site request forgery] |
|---|
| Points | 17 |
|---|