Submit #92954: Online Pizza Ordering System has CSRF vulnerability信息

TitleOnline Pizza Ordering System has CSRF vulnerability
DescriptionBUG_Author: Murasaki URL:http://localhost/php-opos/admin/ajax.php?action=save_user Link:https://www.sourcecodester.com/php/16166/online-pizza-ordering-system-php-free-source-code.html There is a CSRF vulnerability in the Online Pizza Ordering System v1.0. When the administrator is logged in, open the created JS script file to complete the operation of adding an administrator.When the administrator is logged in, open the specified JS script file to complete a series of operations that require permissions, such as adding an administrator. The CSRF vulnerability can complete various permission operations in the background when combined with the stored XSS vulnerability, which seriously affects business processes and permission management.
Source⚠️ https://github.com/1MurasaKi/PizzaCSRF_report/tree/main/vender/Online%20Pizza%20Ordering%20System
UserMurasaki (ID 41555)
Submission2023-02-22 02時49分 (1 Year ago)
Moderation2023-02-23 16時20分 (2 days later)
Status已接受
VulDB Entry221681

上一步一览下一步

Do you need the next level of professionalism?

Upgrade your account now!