5 matches found
EUVD-2020-30933
Sistem Informasi Pengumuman Kelulusan Online 1.0 contains a cross-site request forgery vulnerability that allows attackers to add unauthorized admin users through the tambahuser.php endpoint. Attackers can craft a malicious HTML form to submit admin credentials and create new administrative...
CVE-2020-37046
Sistem Informasi Pengumuman Kelulusan Online 1.0 contains a cross-site request forgery vulnerability that allows attackers to add unauthorized admin users through the tambahuser.php endpoint. Attackers can craft a malicious HTML form to submit admin credentials and create new administrative...
CVE-2020-37046 Sistem Informasi Pengumuman Kelulusan Online 1.0 - Cross-Site Request Forgery
Sistem Informasi Pengumuman Kelulusan Online 1.0 contains a cross-site request forgery vulnerability that allows attackers to add unauthorized admin users through the tambahuser.php endpoint. Attackers can craft a malicious HTML form to submit admin credentials and create new administrative...
CVE-2020-37046
The Vuln is CSRF in Sistem Informasi Pengumuman Kelulusan Online 1.0, exploitable via the tambahuser.php endpoint to add unauthorized admin accounts. The issue allows craftable HTML forms to submit admin credentials without victim consent. Concrete details across connected records identify the vu...
CVE-2020-37046
Sistem Informasi Pengumuman Kelulusan Online 1.0 contains a cross-site request forgery vulnerability that allows attackers to add unauthorized admin users through the tambahuser.php endpoint. Attackers can craft a malicious HTML form to submit admin credentials and create new administrative...