CVE-2025-63716

Medium CVSS: 6.5

The SourceCodester Leads Manager Tool v1.0 is vulnerable to Cross-Site Request Forgery (CSRF) attacks that allow unauthorized state-changing operations. The application lacks CSRF protection mechanisms such as anti-CSRF tokens or same-origin verification for critical endpoints.

Vendor

Rems

Product

Leads Manager Tool

CWE

CWE-352

Yayın Tarihi

2025-11-07 18:15:36

Güncelleme

2025-11-17 18:37:54

Source Identifier

cve@mitre.org

KEV Date Added

Kategoriler

CWE-352 Leads Manager Tool MEDIUM Rems 2025

Referanslar

https://github.com/floccocam-cpu/CVE-Research-2025/blob/main/CVE-2025-63716/README5.md https://www.sourcecodester.com/php/17510/leads-manager-tool-using-php-and-mysql-source-code.html

Benzer Kayıtlar

Medium

CVE-2025-63640

Sourcecodester Medicine Reminder App v1.0 is vulnerable to Cross-Site Scripting (XSS) in the "Medicine Name" and "Notes…

Medium

CVE-2025-60313

Sourcecodester Link Status Checker 1.0 is vulnerable to a Cross-Site Scripting (XSS) in the Enter URLs to check input fi…

Medium

CVE-2025-60312

Sourcecodester Markdown to HTML Converter v1.0 is vulnerable to a Cross-Site Scripting (XSS) in the "Markdown Input" fie…

Medium

CVE-2025-10410

A security vulnerability has been detected in SourceCodester Link Status Checker 1.0. This vulnerability affects unknown…

Medium

CVE-2025-10088

A vulnerability was detected in SourceCodester Time Tracker 1.0. The affected element is an unknown function of the file…

Medium

CVE-2025-6345

A vulnerability was found in SourceCodester My Food Recipe 1.0 and classified as problematic. Affected by this issue is…