A vulnerability was found in SourceCodester Clinics Patient Management System 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file users.php of the component User Page. The manipulation leads to cross-site request forgery. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
References
Link | Resource |
---|---|
https://github.com/ddChenA/cve/blob/main/csrf.md | Exploit |
https://vuldb.com/?ctiid.274066 | Permissions Required VDB Entry |
https://vuldb.com/?id.274066 | Permissions Required VDB Entry |
https://vuldb.com/?submit.387399 | Third Party Advisory VDB Entry |
Configurations
History
19 Aug 2024, 17:48
Type | Values Removed | Values Added |
---|---|---|
First Time |
Oretnom23 clinic\'s Patient Management System
|
|
CPE | cpe:2.3:a:oretnom23:clinic\'s_patient_management_system:1.0:*:*:*:*:*:*:* |
15 Aug 2024, 17:43
Type | Values Removed | Values Added |
---|---|---|
References | () https://github.com/ddChenA/cve/blob/main/csrf.md - Exploit | |
References | () https://vuldb.com/?ctiid.274066 - Permissions Required, VDB Entry | |
References | () https://vuldb.com/?id.274066 - Permissions Required, VDB Entry | |
References | () https://vuldb.com/?submit.387399 - Third Party Advisory, VDB Entry | |
Summary |
|
|
CVSS |
v2 : v3 : |
v2 : 5.0
v3 : 5.4 |
First Time |
Oretnom23 clinics Patient Management System
Oretnom23 |
|
CPE | cpe:2.3:a:oretnom23:clinics_patient_management_system:1.0:*:*:*:*:*:*:* |
12 Aug 2024, 13:41
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-08-12 13:38
Updated : 2024-08-19 17:48
NVD link : CVE-2024-7645
Mitre link : CVE-2024-7645
CVE.ORG link : CVE-2024-7645
JSON object : View
Products Affected
oretnom23
- clinic\'s_patient_management_system
CWE
CWE-352
Cross-Site Request Forgery (CSRF)