CNNVD-202602-822 Information
Feb 05, 2026
cve
CNNVD ID
CNNVD-202602-822
Related CVE
- CNNVD Published: 2026-02-05
Description (Chinese)
Hrsale是Hrsale团队的一款PHP编写的人力资源管理系统。 Hrsale 1.1.8版本存在跨站请求伪造漏洞,该漏洞源于存在跨站请求伪造,可能导致添加未授权管理用户。
Description (English)
Hrsale is a human resources management system developed by the Hrsale team. Hrsale 1.1.8 has a false gap in cross-site requests, which stems from the existence of cross-site requests, which may lead to the addition of unauthorized users.
Hazard Level
High
Vulnerability Type
跨站请求伪造
Affected Vendor
Hrsale
Published
2026-02-05
Last Modified
2026-02-24
References
http://hrsale.com/ https://web.archive.org/web/20200109113640/ https://www.exploit-db.com/exploits/48205 https://www.vulncheck.com/advisories/hrsale-cross-site-request-forgery-add-admin
Share on: