Skip to main content

Bookstore Management System CVE-2024-11673

MEDIUM
Cross-Site Request Forgery (CSRF) (CWE-352)
2024-11-25 cna@vuldb.com
6.9
CVSS 4.0 · Vendor: vuldb
Share

Severity by source

Vendor (vuldb) PRIMARY
6.9 MEDIUM
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Primary rating from Vendor (vuldb) · only source for this CVE.

CVSS VectorVendor: vuldb

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
X

Lifecycle Timeline

1
CVE Published
Nov 25, 2024 - 23:15 cve.org
MEDIUM 6.9

DescriptionCVE.org

A vulnerability, which was classified as problematic, has been found in 1000 Projects Bookstore Management System 1.0. This issue affects some unknown processing. The manipulation leads to cross-site request forgery. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

AnalysisAI

A vulnerability, which was classified as problematic, has been found in 1000 Projects Bookstore Management System 1.0. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Technical ContextAI

This vulnerability is classified as Cross-Site Request Forgery (CSRF) (CWE-352), which allows attackers to trick authenticated users into performing unintended actions. A vulnerability, which was classified as problematic, has been found in 1000 Projects Bookstore Management System 1.0. The manipulation leads to cross-site request forgery. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Affected products include: 1000Projects Bookstore Management System.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Implement anti-CSRF tokens, validate Origin/Referer headers, use SameSite cookie attribute.

CVE-2024-55496 CRITICAL POC
9.1 Dec 17

A vulnerability has been found in the 1000projects Bookstore Management System PHP MySQL Project 1.0.php. Rated critical

CVE-2024-10845 HIGH POC
7.3 Nov 05

A vulnerability has been found in 1000 Projects Bookstore Management System 1.0 and classified as critical. Rated high s

CVE-2024-10844 HIGH POC
7.3 Nov 05

A vulnerability, which was classified as critical, was found in 1000 Projects Bookstore Management System 1.0. Rated hig

CVE-2024-10998 HIGH POC
7.3 Nov 08

A vulnerability was found in 1000 Projects Bookstore Management System 1.0. Rated high severity (CVSS 7.3), this vulnera

CVE-2024-10996 HIGH POC
7.3 Nov 08

A vulnerability was found in 1000 Projects Bookstore Management System 1.0. Rated high severity (CVSS 7.3), this vulnera

CVE-2024-13002 MEDIUM POC
6.9 Dec 29

A vulnerability was found in 1000 Projects Bookstore Management System 1.0. Rated medium severity (CVSS 6.9), this vulne

CVE-2024-11590 MEDIUM POC
6.9 Nov 21

A vulnerability, which was classified as critical, has been found in 1000 Projects Bookstore Management System 1.0. Rate

CVE-2024-10969 MEDIUM POC
6.9 Nov 07

A vulnerability was found in 1000 Projects Bookstore Management System 1.0. Rated medium severity (CVSS 6.9), this vulne

CVE-2024-10968 MEDIUM POC
6.9 Nov 07

A vulnerability was found in 1000 Projects Bookstore Management System 1.0. Rated medium severity (CVSS 6.9), this vulne

CVE-2024-10997 MEDIUM POC
6.3 Nov 08

A vulnerability was found in 1000 Projects Bookstore Management System 1.0. Rated medium severity (CVSS 6.3), this vulne

CVE-2025-1174 MEDIUM POC
4.8 Feb 11

A vulnerability has been found in 1000 Projects Bookstore Management System 1.0 and classified as problematic. Rated med

CVE-2025-1173 MEDIUM POC
5.1 Feb 11

A vulnerability, which was classified as critical, was found in 1000 Projects Bookstore Management System 1.0. Rated med

Share

CVE-2024-11673 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy