Skip to content

Instantly share code, notes, and snippets.

@Kavisha3

Kavisha3/CVE 2021-26800.md

Last active December 8, 2021 18:15
Show Gist options
  • Save Kavisha3/59dac95b268f0d32eab53e659ab59311 to your computer and use it in GitHub Desktop.
Save Kavisha3/59dac95b268f0d32eab53e659ab59311 to your computer and use it in GitHub Desktop.
Download ZIP
Raw
CVE 2021-26800.md

Vulnerability Type:

Cross Site Request Forgery (CSRF) Cross Site Request Forgery (CSRF) vulnerability in Change-password.php in phpgurukul user management system in php using stored procedure V1.0, allows attackers to change the password to an arbitrary account.

Affected Component

Change-password.php

Attack Type

Local

Discoverer

Kavisha Sheth

Vendor of Product

https://phpgurukul.com/

Affected Product Code Base

https://phpgurukul.com/user-management-system-in-php-using-stored-procedure/ V1.0

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment