CVE-2019-18414

Sourcecodester Restaurant Management System 1.0 is affected by an admin/staff-exec.php Cross Site Request Forgery vulnerability due to a lack of CSRF protection. This could lead to an attacker tricking the administrator into executing arbitrary code or adding a staff entry via a crafted HTML page.
Configurations

Configuration 1 (hide)

cpe:2.3:a:sourcecodester:restaurant_management_system:1.0:*:*:*:*:*:*:*

History

21 Nov 2024, 04:33

Type Values Removed Values Added
References () https://www.sevenlayers.com/index.php/263-restaurant-management-system-csrf - Exploit, Third Party Advisory () https://www.sevenlayers.com/index.php/263-restaurant-management-system-csrf - Exploit, Third Party Advisory

Information

Published : 2019-10-24 18:15

Updated : 2024-11-21 04:33


NVD link : CVE-2019-18414

Mitre link : CVE-2019-18414

CVE.ORG link : CVE-2019-18414


JSON object : View

Products Affected

sourcecodester

  • restaurant_management_system
CWE
CWE-352

Cross-Site Request Forgery (CSRF)