| tiêu đề | SourceCodester Stock Management System (SMS-PHP by oretnom23) 1.0 Cross-Site Request Forgery |
|---|
| Mô tả | A Cross-Site Request Forgery (CSRF) vulnerability has been identified in the admin panel of Stock Management System (SMS-PHP by oretnom23), specifically on the user's creation page. An attacker can exploit this vulnerability to create a new administrator account with full privileges by submitting a specially crafted request to the vulnerable endpoint. |
|---|
| Nguồn | ⚠️ https://github.com/th3w0lf-1337/Vulnerabilities/blob/main/SMS-PHP/CSRF/info.md |
|---|
| Người dùng | Th3W0lf (UID 84351) |
|---|
| Đệ trình | 21/04/2025 18:50 (cách đây 1 Năm) |
|---|
| Kiểm duyệt | 05/05/2025 13:32 (14 days later) |
|---|
| Trạng thái | được chấp nhận |
|---|
| Mục VulDB | 307390 [SourceCodester/oretnom23 Stock Management System 1.0 Users.php?f=save Giả mạo yêu cầu liên trang] |
|---|
| điểm | 18 |
|---|