CVE-2024-7360 MEDIUM

CVE-2024-7360: SourceCodester Tracking Monitoring Management System ajax.php cross-site request forgery

Vendor Sourcecodester
Product Tracking Monitoring Management System
Weakness CWE-352 · CSRF
Published August 1, 2024
Last update August 7, 2024
View on NVD All CVEs

CVSS base score

6.9/10
Attack vector Network
Attack complexity Low
Privileges required None
User interaction None
Confidentiality
Integrity

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N

What the vulnerability does

01Description

A vulnerability classified as problematic has been found in SourceCodester Tracking Monitoring Management System 1.0. This affects an unknown part of the file /ajax.php. The manipulation leads to cross-site request forgery. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-273339.

Key dates

02Disclosure timeline

August 1, 2024 CVE published
August 7, 2024 Record updated

Related vulnerabilities

04Related CVE

CVE-2021-22950 CVE-2025-31677 AI (Artificial Intelligence) - Critical - Cross Site Request Forgery - SA-CONTRIB-2025-003 CVE-2025-24698 WordPress Essential Real Estate plugin <= 5.1.8 - Cross Site Request Forgery (CSRF) vulnerability CVE-2023-28694 WordPress Wbcom Designs – BuddyPress Activity Social Share Plugin <= 3.5.0 is vulnerable to Cross Site Request Forgery (CSRF) CVE-2023-48766 WordPress SVGator – Add Animated SVG Easily Plugin <= 1.2.4 is vulnerable to Cross Site Request Forgery (CSRF)