Описание
A security flaw has been discovered in PHPGurukul News Portal 1.0. The impacted element is an unknown function. Performing a manipulation results in cross-site request forgery. The attack may be initiated remotely. The exploit has been released to the public and may be used for attacks.
Ссылки
- https://github.com/Asim-QAZi/CSRF-Add-Subadmin-in-News-Portal-Project-in-PHP-and-MySql-in-PHPGurukulExploitMitigationThird Party Advisory
- Product
- Permissions RequiredVDB Entry
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:phpgurukul:news_portal:1.0:*:*:*:*:*:*:*
EPSS
Процентиль: 11%
0.00037
Низкий
4.3 Medium
CVSS3
6.5 Medium
CVSS3
5 Medium
CVSS2
Дефекты
CWE-352
Связанные уязвимости
CVSS3: 4.3
github
19 дней назад
A security flaw has been discovered in PHPGurukul News Portal 1.0. The impacted element is an unknown function. Performing a manipulation results in cross-site request forgery. The attack may be initiated remotely. The exploit has been released to the public and may be used for attacks.
EPSS
Процентиль: 11%
0.00037
Низкий
4.3 Medium
CVSS3
6.5 Medium
CVSS3
5 Medium
CVSS2
Дефекты
CWE-352