CVE-2021-26800

MEDIUM

phpgurukul user management system in php using stored procedure V1.0 - Cross-Site Request Forgery in Change-password.php

Title source: llm
STIX 2.1

Description

Cross Site Request Forgery (CSRF) vulnerability in Change-password.php in phpgurukul user management system in php using stored procedure V1.0, allows attackers to change the password to an arbitrary account.

References (2)

Core 2
Core References

Scores

CVSS v3 6.5
EPSS 0.0040
EPSS Percentile 31.5%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

Details

CWE
CWE-352
Status published
Products (1)
user_management_system_in_php_stored_procedure_project/user_management_system_in_php_stored_procedure 1.0
Published Dec 16, 2021
Tracked Since Feb 18, 2026