Submit #800691: code-projects Invoice System in Laravel 1.0 Cross-Site Request Forgery (CSRF) + Weak Session Handlinginfo

Titlecode-projects Invoice System in Laravel 1.0 Cross-Site Request Forgery (CSRF) + Weak Session Handling
DescriptionThe logout functionality is implemented as a GET request and does not require a CSRF token. This allows an attacker to force a victim to log out of the application by tricking them into clicking a link or loading a malicious image tag that points to the logout URL.
Source⚠️ https://gist.github.com/higordiego/e25a1bb5cf93ffbda2e80b6cbc031a8b
User
 c4ttr4ck (UID 75518)
Submission04/09/2026 03:47 (3 months ago)
Moderation04/26/2026 16:45 (18 days later)
StatusAccepted
VulDB entry359709 [code-projects Invoice System in Laravel 1.0 cross-site request forgery]
Points17

Do you need the next level of professionalism?

Upgrade your account now!