Submit #615620: code-projects E-Commerce Site 1.0 CSRF

Title: code-projects E-Commerce Site 1.0 CSRF
Description: This vulnerability exists in the '/cart_add.php' file of the e-commerce system. An attacker can craft a malicious webpage and trick authenticated users into visiting it. Without proper CSRF token validation, the backend cannot distinguish whether a request is legitimate or forged. As a result, attackers can perform unauthorized actions such as adding items to a user's cart, manipulating order quantities, launching inventory denial-of-service attacks, and even controlling the user's order placement.
Source: https://github.com/BalanceLee/CVE/issues/3
User: balancelee (UID 87843)
Submission: 07/14/2025 07:38 (9 months ago)
Moderation: 07/17/2025 12:38 (3 days later)
Status: Accepted
VulDB entry: 316746 [code-projects E-Commerce Site 1.0 cross-site request forgery]
Points: 20
