CVE-2025-50370

Medium CVSS: 6.5

A Cross-Site Request Forgery (CSRF) vulnerability exists in the Inquiry Management functionality /mcgs/admin/readenq.php of the Phpgurukul Medical Card Generation System 1.0. The vulnerable endpoint allows an authenticated admin to delete inquiry records via a simple GET request, without requiring a CSRF token or validating the origin of the request.

Vendor

Anujk305

Product

Medical Card Generation System

CWE

CWE-352

Yayın Tarihi

2025-06-27 16:15:25

Güncelleme

2025-07-01 18:13:30

Source Identifier

cve@mitre.org

KEV Date Added

Kategoriler

CWE-352 Medical Card Generation System MEDIUM Anujk305 2025

Referanslar

https://github.com/1h3ll/CVEs/blob/main/CSRF-ReadEnquiry_Medicalcard_Generations_System.md

Benzer Kayıtlar

Medium

CVE-2025-50367

A stored blind XSS vulnerability exists in the Contact Page of the Phpgurukul Medical Card Generation System 1.0 mcgs/co…

Medium

CVE-2025-50369

A Cross-Site Request Forgery (CSRF) vulnerability exists in the Manage Card functionality (/mcgs/admin/manage-card.php)…

Medium

CVE-2025-6613

A vulnerability classified as problematic was found in PHPGurukul Hospital Management System 4.0. Affected by this vulne…

Medium

CVE-2025-6570

A vulnerability, which was classified as critical, has been found in PHPGurukul Hospital Management System 4.0. Affected…

Medium

CVE-2025-6301

A vulnerability, which was classified as problematic, has been found in PHPGurukul Notice Board System 1.0. This issue a…

Medium

CVE-2025-6288

A vulnerability, which was classified as problematic, has been found in PHPGurukul Bus Pass Management System 1.0. Affec…