漏洞平台

POC详情： c2e0d242805848015aa6ac0e10a1c1c19a8a8bcc

来源

https://github.com/Sudo-Sakib/CVE-2025-25965

关联漏洞

疑似Oday

描述

CVE-2025-25965 is a newly discovered CSRF vulnerability in the Phpgurukul Online Banquet Booking System v1.2, allowing remote attackers to change a user’s email address without their consent by exploiting an authenticated session.

介绍

# CVE-2025-25965: Cross-Site Request Forgery (CSRF) in Online Banquet Booking System v1.2

##  Introduction

Cross-Site Request Forgery (CSRF) remains one of the most overlooked yet dangerous vulnerabilities affecting web applications today. **CVE-2025-25965** is a newly discovered CSRF vulnerability in the **Phpgurukul Online Banquet Booking System v1.2**, allowing remote attackers to change a user’s email address without their consent by exploiting an authenticated session.

# Vulnerability Overview

**CVE ID**: CVE-2025-25965

**Vulnerability Type**: Cross-Site Request Forgery (CSRF)

**Affected Product**: Online Banquet Booking System - v1.2

**Affected Component**: User Profile Update Functionality (profile.php)

**Impact**: Unauthorized Account Modifications

**Attack Type**: Remote

**Severity**: High

**Discoverer**: Sakib Shaikh

## Steps to Reproduce

To demonstrate the impact, follow these step-by-step instructions:

1. Install and configure the Online Banquet Booking System v1.2 on a local server.

2. Log in with provided credentials by PHPGurukul.

3. Navigate to user profile section

4. Change email address and Intercept that request in the Burp Suite.

5. Notice there is no CSRF Token.

6. Generate a CSRF Payload and open that on Incognito mode.

6. Notice that your email gets changed.

## Root Cause Analysis

The vulnerability occurs because the application does not implement CSRF protection mechanisms, such as CSRF tokens, in the profile update functionality. This allows an attacker to trick an authenticated user into unknowingly executing a malicious request that changes their email address.


## References

https://phpgurukul.com/online-banquet-booking-system-using-php-and-mysql/

https://owasp.org/www-community/attacks/csrf

文件快照


 [4.0K]  /data/pocs/c2e0d242805848015aa6ac0e10a1c1c19a8a8bcc
└── [1.7K]  README.md

0 directories, 1 file

神龙机器人已为您缓存

备注

1. 建议优先通过来源进行访问。

2. 如果因为来源失效或无法访问，请发送邮箱到 f.jinxu#gmail.com 索取本地快照（把 # 换成 @）。

3. 神龙已为您对POC代码进行快照，为了长期维护，请考虑为本地POC付费，感谢您的支持。