CVE-2024-57523

MEDIUM

Oretnom23 Packers And Movers Management System - CSRF

Title source: rule

Description

Cross Site Request Forgery (CSRF) in Users.php in SourceCodester Packers and Movers Management System 1.0 allows attackers to create unauthorized admin accounts via crafted requests sent to an authenticated admin user.

Exploits (1)

nomisec WRITEUP

by HackWidMaddy · poc

https://github.com/HackWidMaddy/CVE-2024-57523.

View Code ZIP pw:eip

References (2)

[Product] http://sourcecodester.com

[Exploit, Third Party Advisory] https://github.com/HackWidMaddy/CVE-2024-57523.

Scores

CVSS v3 4.5

EPSS 0.0022

EPSS Percentile 44.9%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:H/A:N

CISA SSVC

Vulnrichment

Exploitation poc

Automatable no

Technical Impact partial

Details

CWE

CWE-352

Status published

Products (1)

oretnom23/packers_and_movers_management_system 1.0

Published Feb 06, 2025

Tracked Since Feb 18, 2026