| tiêu đề | PHPGurukul Complaint Management System 2.0 Cross-Site Request Forgery |
|---|
| Mô tả | A Cross-Site Request Forgery (CSRF) vulnerability exists in the Complaint Management System V2.0.
Source code address:https://phpgurukul.com/complaint-management-sytem/
The backend lacks any defensive measures against CSRF, such as CSRF tokens or HTTP Referer verification. If the victim is an administrator or privileged user, the consequences may include gaining complete control over the web application, such as deleting or modifying data.
We give an example. Deleting a user also deletes related complaints submitted by the user, severely compromises the integrity and availability of the system. |
|---|
| Nguồn | ⚠️ https://github.com/N1n3b9S/cve/issues/8 |
|---|
| Người dùng | Anonymous User |
|---|
| Đệ trình | 16/07/2025 09:26 (cách đây 10 các tháng) |
|---|
| Kiểm duyệt | 18/07/2025 21:20 (2 days later) |
|---|
| Trạng thái | được chấp nhận |
|---|
| Mục VulDB | 316938 [PHPGurukul Complaint Management System 2.0 Giả mạo yêu cầu liên trang] |
|---|
| điểm | 20 |
|---|