Description

A vulnerability, which was classified as problematic, was found in SourceCodester Simple Realtime Quiz System 1.0. This affects an unknown part of the file /ajax.php?action=save_user. The manipulation leads to cross-site request forgery. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-273351.

Related CPE's

a

oretnom23

simple_realtime_quiz_system

1.0

Vulnerable

References

https://gist.github.com/topsky979/03ae83fd32a94c85f910c8e3a85fa056

Exploit

https://vuldb.com/?ctiid.273351

Permissions RequiredThird Party Advisory

https://vuldb.com/?id.273351

Third Party Advisory

https://vuldb.com/?submit.383515

Third Party Advisory

Weaknesses

[email protected]

Primary
CWE-352

CVSS impact metrics

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

8.8 · High

  • CVSS V3.1

  • CVSS V3.0

  • CVSS V2.0

Information

Source identifier

[email protected]

Vulnerability status

Analyzed

Published

2024-08-01T21:16:05.613

7 months ago

Last modified

2024-08-09T11:27:19.727

7 months ago