QwikSec

Security Database

CVE

CWE

Training

CVE-2018-7216

Published: Feb 18, 2018

Modified: Aug 5, 2024

PUBLISHED

Description

Cross-site request forgery (CSRF) vulnerability in esop/toolkit/profile/regData.do in Bravo Tejari Procurement Portal allows remote authenticated users to hijack the authentication of application users for requests that modify their personal data by leveraging lack of anti-CSRF tokens.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://www.securityfocus.com/archive/1/541782/30/0/threaded

x_refsource_MISC

exploit

x_refsource_EXPLOIT-DB

http://seclists.org/fulldisclosure/2018/Feb/44

x_refsource_MISC

https://packetstormsecurity.com/files/146409/Tejari-Cross-Site-Request-Forgery.html

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.