Restaurant Management System 1.0 CSRF
- by Vince
-
in Blog
-
Hits: 7050
Disclosure date: 10/24/19
CVE-2019-18414
Restaurant Management System 1.0 is affected by a Cross Site Request Forgery vulnerability due to a lack of CSRF protection. This could lead to an attacker tricking the administrator into executing arbitrary code via a specially crafted HTML page.
The Staff page:
Our malicious page:
The outcome: