CVE-2023-7051

A vulnerability was found in PHPGurukul Online Notes Sharing System 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /user/manage-notes.php of the component Notes Handler. The manipulation of the argument delid leads to cross-site request forgery. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-248738 is the identifier assigned to this vulnerability.
References
Link Resource
https://github.com/dhabaleshwar/Open-Source-Vulnerabilities/blob/main/csrf_delete_notes.md Exploit Third Party Advisory
https://vuldb.com/?ctiid.248738 Permissions Required Third Party Advisory
https://vuldb.com/?id.248738 Third Party Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:a:phpgurukul:online_notes_sharing_system:1.0:*:*:*:*:*:*:*

History

28 Dec 2023, 14:01

Type Values Removed Values Added
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 4.3
CPE cpe:2.3:a:phpgurukul:online_notes_sharing_system:1.0:*:*:*:*:*:*:*
References () https://vuldb.com/?id.248738 - () https://vuldb.com/?id.248738 - Third Party Advisory
References () https://vuldb.com/?ctiid.248738 - () https://vuldb.com/?ctiid.248738 - Permissions Required, Third Party Advisory
References () https://github.com/dhabaleshwar/Open-Source-Vulnerabilities/blob/main/csrf_delete_notes.md - () https://github.com/dhabaleshwar/Open-Source-Vulnerabilities/blob/main/csrf_delete_notes.md - Exploit, Third Party Advisory

21 Dec 2023, 22:15

Type Values Removed Values Added
New CVE

Information

Published : 2023-12-21 22:15

Updated : 2024-05-17 02:34


NVD link : CVE-2023-7051

Mitre link : CVE-2023-7051

CVE.ORG link : CVE-2023-7051


JSON object : View

Products Affected

phpgurukul

  • online_notes_sharing_system
CWE
CWE-352

Cross-Site Request Forgery (CSRF)