CSRF Vulnerability in NexusPHPV1.5 (Current Version)
NexusPHPV1.5 is a system for domestic pt stations. NexusPHPV1.5 the current version has a cross-site request forgery vulnerability, the vulnerability is due to cookie design flaws and failure to effectively limit the parameters submitted by the post. The vulnerability is caused by a cookie design...