6 matches found
EUVD-2020-30933
Sistem Informasi Pengumuman Kelulusan Online 1.0 contains a cross-site request forgery vulnerability that allows attackers to add unauthorized admin users through the tambahuser.php endpoint. Attackers can craft a malicious HTML form to submit admin credentials and create new administrative...
CVE-2020-37046
Sistem Informasi Pengumuman Kelulusan Online 1.0 contains a cross-site request forgery vulnerability that allows attackers to add unauthorized admin users through the tambahuser.php endpoint. Attackers can craft a malicious HTML form to submit admin credentials and create new administrative...
CVE-2020-37046
Sistem Informasi Pengumuman Kelulusan Online 1.0 contains a cross-site request forgery vulnerability that allows attackers to add unauthorized admin users through the tambahuser.php endpoint. Attackers can craft a malicious HTML form to submit admin credentials and create new administrative...
CVE-2020-37046 Sistem Informasi Pengumuman Kelulusan Online 1.0 - Cross-Site Request Forgery
Sistem Informasi Pengumuman Kelulusan Online 1.0 contains a cross-site request forgery vulnerability that allows attackers to add unauthorized admin users through the tambahuser.php endpoint. Attackers can craft a malicious HTML form to submit admin credentials and create new administrative...
CVE-2020-37046
The Vuln is CSRF in Sistem Informasi Pengumuman Kelulusan Online 1.0, exploitable via the tambahuser.php endpoint to add unauthorized admin accounts. The issue allows craftable HTML forms to submit admin credentials without victim consent. Concrete details across connected records identify the vu...
PT-2026-5485
Name of the Vulnerable Software and Affected Versions Sistem Informasi Pengumuman Kelulusan Online version 1.0 Description The application contains a cross-site request forgery condition that permits attackers to add unauthorized admin users. This is achieved by exploiting the tambahuser.php...