CNNVD-202601-4989 Information
CNNVD ID
CNNVD-202601-4989
Related CVE
- CNNVD Published: 2026-01-30
Description (Chinese)
Adikiss Sistem Informasi Pengumuman Kelulusan Online是Adikiss公司的一个校园信息化系统。 Adikiss Sistem Informasi Pengumuman Kelulusan Online 1.0版本存在跨站请求伪造漏洞,该漏洞源于tambahuser.php端点存在跨站请求伪造,可能导致添加未授权的管理员用户。
Description (English)
Adikiss Sistem Informasi Pengumuman Kelulusan Online is a campus information system for Adikiss. The version 1.0 of Adikiss Sistem Informasi Pengumuman Kelulusan Online contains a false gap in cross-site requests, which stems from the presence of cross-site requests at the taambahuser.php endpoint, which may lead to the addition of unauthorized administrator users.
Hazard Level
High
Vulnerability Type
跨站请求伪造
Affected Vendor
Adikiss
Published
2026-01-30
Last Modified
2026-02-24
References
https://adikiss.net/ https://adikiss.net/2014/06/aplikasi-sistem-informasi-pengumuman-kelulusan-online-2/ https://www.exploit-db.com/exploits/48571 https://www.vulncheck.com/advisories/sistem-informasi-pengumuman-kelulusan-online-cross-site-request-forgery
Share on: