CVE-2022-46074 - Helmet Store Showroom v1.0 Cross Site Request Forgery

less than 1 minute read

Researcher

This vulnerability was discovered by @yuyudhn.

Description

Unauthenticated user able to add admin account due to missing CSRF protection at Helmet Store Showroom v1.0. This vulnerability has not been known to be fixed yet.

Details

Detail about software affected by CVE-2022-46074.

Parameter	Description
Software	Helmet Store Showroom
Vendor	oretnom23
Vulnerable Version	v1.0
Classification	Cross Site Request Forgery (CSRF)
Required privilege	Unauthenticated
Publicly disclosed	2022-12-14

Proof of Concept

References

CVE-2022-46074 - CVE.org
CVE-2022-46074 - NIST NVD
CVE-2022-46074 - Tenable

Share on

Twitter Facebook LinkedIn

Yudha P.