| tiêu đề | Script And Tools e-Commerce 3.0 3.0 Cross-Site Request Forgery (CSRF) |
|---|
| Mô tả | Title of the Vulnerability:
Script and Tools | eCommerce 3.0 | admin/customer-delete.php - CSRF
Vulnerability Class: Cross-Site Request Forgery (CSRF)
Product Name: eCommerce 3.0
Vendor: https://github.com/scriptandtools/
Vulnerable Product Link: https://github.com/scriptandtools/eCommerce-website-in-PHP
Technical Details & Description:
The application source code is coded in a way which allows : Cross-Site Request Forgery (CSRF)
Product & Service Introduction: eCommerce-3.0
Observation & Exploitation:
Here,The Vulnerable File Is:
/admin/subscriber-delete.php
Who will be affected of this attack?
->The Admin! Because Hackers will be able to delete the Subscriber Data List!
Thus the admin will lose the big email list if his subscribers! |
|---|
| Nguồn | ⚠️ https://www.websecurityinsights.my.id/2025/04/script-and-tools-ecommerce-30_79.html?m=1 |
|---|
| Người dùng | MaloyRoyOrko (UID 79572) |
|---|
| Đệ trình | 04/04/2025 15:31 (cách đây 1 Năm) |
|---|
| Kiểm duyệt | 16/04/2025 02:49 (11 days later) |
|---|
| Trạng thái | Bản sao |
|---|
| Mục VulDB | 304598 [ScriptAndTools eCommerce-website-in-PHP 3.0 Giả mạo yêu cầu liên trang] |
|---|
| điểm | 0 |
|---|