Cross Site Request Forgery Vulnerability in Sourcecodester Restaurant Management System
CVE-2019-18414
8.8HIGH
What is CVE-2019-18414?
The Sourcecodester Restaurant Management System version 1.0 is vulnerable to a Cross Site Request Forgery (CSRF) attack, primarily due to insufficient CSRF protection in the admin/staff-exec.php functionality. This security flaw allows an attacker to potentially trick an administrator into executing unintended commands or adding unauthorized staff entries through a maliciously crafted HTML page. As a result, it poses a significant risk of unauthorized access and manipulation within the system.