EUVD-2021-17054

Malware in sbrugna...

CVE-2021-30114

Web-School ERP V 5.0 contains a cross-site request forgery CSRF vulnerability that allows a remote attacker to create a voucher payment request through module/accounting/voucher/create. The application fails to validate the CSRF token for a POST request using admin privilege...

Cross site request forgery (csrf)

Web-School ERP V 5.0 contains a cross-site request forgery CSRF vulnerability that allows a remote attacker to create a voucher payment request through module/accounting/voucher/create. The application fails to validate the CSRF token for a POST request using admin privilege...

CVE-2021-30114

CVE-2021-30114 affects Web-School ERP v5.0. The CSRF vulnerability allows an attacker to induce a voucher payment request via the path module/accounting/voucher/create because the application fails to validate the CSRF token on a POST using admin privileges. Documents consistently describe the is...

CVE-2021-30114

Web-School ERP V 5.0 contains a cross-site request forgery CSRF vulnerability that allows a remote attacker to create a voucher payment request through module/accounting/voucher/create. The application fails to validate the CSRF token for a POST request using admin privilege...