2 matches found
CVE-2025-63712
Cross-Site Request Forgery CSRF in SourceCodester Product Expiry Management System. The User Management module delete-user.php allows remote attackers to delete arbitrary user accounts via forged cross-origin GET requests because the endpoint relies solely on session cookies and lacks CSRF...
CVE-2025-63712
Cross-Site Request Forgery CSRF in SourceCodester Product Expiry Management System. The User Management module delete-user.php allows remote attackers to delete arbitrary user accounts via forged cross-origin GET requests because the endpoint relies solely on session cookies and lacks CSRF...