CWE-352

School Event Management System 1.0 allows CSRF via user/controller.php?action=edit.

School Attendance Monitoring System 1.0 has CSRF via /user/user/edit.php.

School Attendance Monitoring System 1.0 has CSRF via event/controller.php?action=photos.

The Tubigan “Welcome to our Resort” 1.0 software allows CSRF via admin/mod_users/controller.php?action=edit.

A CSRF issue was discovered in admin/Index/addmanageuser.html in Catfish CMS 4.8.30.

A CSRF issue was discovered in admin/Index/tiquan in catfish blog 2.0.33.