CVE-2024-42576

A Cross-Site Request Forgery (CSRF) in the component edit_categorie.php of Warehouse Inventory System v2.0 allows attackers to escalate privileges.
References
Link Resource
https://gist.github.com/topsky979/50a1d8ad7effd9ccd089952602c831d3 Exploit Third Party Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:a:siamonhasan:warehouse_inventory_system:2.0:*:*:*:*:*:*:*

History

01 May 2025, 14:28

Type Values Removed Values Added
CPE cpe:2.3:a:siamonhasan:warehouse_inventory_system:2.0:*:*:*:*:*:*:*
References () https://gist.github.com/topsky979/50a1d8ad7effd9ccd089952602c831d3 - () https://gist.github.com/topsky979/50a1d8ad7effd9ccd089952602c831d3 - Exploit, Third Party Advisory
First Time Siamonhasan warehouse Inventory System
Siamonhasan
Summary
  • (es) Una Cross-Site Request Forgery (CSRF) en el componente edit_categorie.php de Warehouse Inventory System v2.0 permite a los atacantes escalar privilegios.

20 Aug 2024, 16:35

Type Values Removed Values Added
CWE CWE-352
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 8.8

20 Aug 2024, 13:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-08-20 13:15

Updated : 2025-05-01 14:28


NVD link : CVE-2024-42576

Mitre link : CVE-2024-42576

CVE.ORG link : CVE-2024-42576


JSON object : View

Products Affected

siamonhasan

  • warehouse_inventory_system
CWE
CWE-352

Cross-Site Request Forgery (CSRF)