exploitDog

CVE-2021-43156

Опубликовано: 22 дек. 2021

Источник: nvd

CVSS3: 6.5

CVSS2: 4.3

EPSS Низкий

Описание

In ProjectWorlds Online Book Store PHP 1.0 a CSRF vulnerability in admin_delete.php allows a remote attacker to delete any book.

Ссылки

https://github.com/projectworldsofficial/online-book-store-project-in-php/issues/19
Exploit
Issue Tracking
Third Party Advisory
https://github.com/projectworldsofficial/online-book-store-project-in-php/issues/19
Exploit
Issue Tracking
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:projectworlds:online_book_store_project_in_php:1.0:*:*:*:*:*:*:*

EPSS

Процентиль: 34%

0.00138

Низкий

6.5 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-352

Связанные уязвимости

GHSA-pmx5-mv78-vrrp

github

около 4 лет назад

In ProjectWorlds Online Book Store PHP 1.0 a CSRF vulnerability in admin_delete.php allows a remote attacker to delete any book.

EPSS

Процентиль: 34%

0.00138

Низкий

6.5 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-352