EIP-2026-112689
PRE-CVETime and Expense Management System 3.0 - Cross-Site Request Forgery (Add Admin)
Title source: legacyExploitation Summary
EIP tracks 1 public exploit for EIP-2026-112689. PoCs published by Ihsan Sencan.
AI-analyzed exploit summary This exploit demonstrates a Cross-Site Request Forgery (CSRF) vulnerability in Time and Expense Management System 3.0, allowing an attacker to update admin user details without proper authentication. The PoC includes a crafted HTTP POST request to modify admin credentials.
Description
Time and Expense Management System 3.0 - Cross-Site Request Forgery (Add Admin)
Exploits (1)
This exploit demonstrates a Cross-Site Request Forgery (CSRF) vulnerability in Time and Expense Management System 3.0, allowing an attacker to update admin user details without proper authentication. The PoC includes a crafted HTTP POST request to modify admin credentials.