A vulnerability was found in Qidianbang qdbcrm 1.1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /user/edit?id=2 of the component Password Reset. The manipulation leads to cross-site request forgery. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-252032. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
References
Link | Resource |
---|---|
https://github.com/gtqbhksl/weekdays_something/blob/main/qdb_csrf.md | Exploit Third Party Advisory |
https://vuldb.com/?ctiid.252032 | Third Party Advisory |
https://vuldb.com/?id.252032 | Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: VulDB
Published: 2024-01-25T17:31:04.024Z
Updated: 2024-01-25T17:31:04.024Z
Reserved: 2024-01-25T12:52:00.394Z
Link: CVE-2024-0880
JSON object: View
NVD Information
Status : Modified
Published: 2024-01-25T18:15:09.027
Modified: 2024-05-17T02:35:00.317
Link: CVE-2024-0880
JSON object: View
Redhat Information
No data.
CWE