4.5
CVE-2024-57523
- EPSS 0.41%
- Veröffentlicht 06.02.2025 19:15:19
- Zuletzt bearbeitet 22.04.2025 20:06:16
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
LoginCross Site Request Forgery (CSRF) in Users.php in SourceCodester Packers and Movers Management System 1.0 allows attackers to create unauthorized admin accounts via crafted requests sent to an authenticated admin user.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Oretnom23 ≫ Packers And Movers Management System Version1.0
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.41% | 0.607 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 4.5 | 0.9 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:H/A:N
|
CWE-352 Cross-Site Request Forgery (CSRF)
The web application does not, or can not, sufficiently verify whether a well-formed, valid, consistent request was intentionally provided by the user who submitted the request.