First published: Wed Jul 10 2024(Updated: )
A vulnerability has been found in SourceCodester Employee and Visitor Gate Pass Logging System 1.0 and classified as problematic. Affected by this vulnerability is the function save_users of the file Users.php. The manipulation leads to cross-site request forgery. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-271057 was assigned to this vulnerability.
Credit: cna@vuldb.com
Affected Software | Affected Version | How to fix |
---|---|---|
SourceCodester Employee and Visitor Gate Pass Logging System | =1.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2024-6649 is classified as a problematic vulnerability due to its potential for cross-site request forgery.
To fix CVE-2024-6649, implement CSRF tokens in the save_users function of the Users.php file.
CVE-2024-6649 affects SourceCodester Employee and Visitor Gate Pass Logging System version 1.0.
CVE-2024-6649 is a cross-site request forgery vulnerability that can lead to unauthorized actions on behalf of users.
The impact of CVE-2024-6649 includes the potential for attackers to perform actions without user consent, compromising user accounts.