CVE-2024-11673

4.3 MEDIUM

📋 TL;DR

This Cross-Site Request Forgery (CSRF) vulnerability in 1000 Projects Bookstore Management System 1.0 lets an attacker who lures a logged-in user (typically an administrator) onto a page they control submit state-changing requests to the application with that user's session. Because the application does not tie requests to a secret the attacker cannot obtain, the server treats the forged requests as the victim's own, so bookstore data can be altered and administrative functions triggered. Every installation of the vulnerable version is affected.

💻 Affected Systems

Products:
  • 1000 Projects Bookstore Management System
Versions: 1.0
Operating Systems: All
Default Config Vulnerable: ⚠️ Yes
Notes: The public disclosure does not identify which request handler is affected; treat every state-changing form in the application as unprotected until it has been reviewed.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴 Worst Case

Attackers could modify or delete bookstore inventory, customer data, or financial records, potentially causing business disruption or data loss.

🟠 Likely Case

Attackers modify bookstore inventory data, change prices, or alter customer records without authorization, using the session of an administrator they tricked into loading a malicious page.

🟢 If Mitigated

With anti-CSRF tokens on every state-changing form and SameSite session cookies in place, forged requests are rejected even when an authenticated user visits a malicious site.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ✅ No (the attacker needs no account, but a logged-in victim must be lured to the malicious page)
Complexity: LOW

Exploit details are public on GitHub and vuldb.com. Exploitation requires user interaction: a logged-in user must load an attacker-controlled page (or follow a crafted link) while their session is valid. The forged request is then sent by the victim's own browser, so it arrives from the victim's IP address with the victim's cookies.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: https://1000projects.org/

Restart Required: No

Instructions:

No official patch is available. Check the vendor website for updates and apply the workarounds below in the meantime; if the application cannot be modified, consider replacing it.

🔧 Temporary Workarounds

Implement CSRF Tokens (applies to: all platforms)

Add anti-CSRF tokens to every state-changing form and validate them server-side. This requires manual code changes: generate a high-entropy token bound to the user's session, emit it as a hidden field in each form, and reject any POST whose token is missing or does not match. Also reject state changes sent via GET, since a plain link or image tag can trigger those without any form.

SameSite Cookie Attribute (applies to: all platforms)

Set SameSite=Strict or SameSite=Lax on the session cookie so browsers withhold it on cross-site requests.

Set-Cookie: session=value; SameSite=Strict; Secure; HttpOnly

Caveat: Lax still sends the cookie on top-level GET navigations, so it only helps if no state-changing action is reachable via GET, and older browsers ignore the attribute entirely. Treat SameSite as defence in depth alongside tokens, not as a replacement for them.
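Both workarounds above in one place, as an added example that is not code from Bookstore Management System or 1000 Projects: a session-bound synchronizer token, an Origin/Referer check, the hardened Set-Cookie header, and a handler that refuses state changes over GET. APP_ORIGIN, the server secret, the request dict layout and all function names are assumptions for illustration.

```python
"""Added example (not code from Bookstore Management System): a synchronizer-token
CSRF guard plus a SameSite session cookie, written as a front to a state-changing
form handler. APP_ORIGIN, SERVER_SECRET, the request dict layout and the handler
name are assumptions for illustration."""
import hashlib
import hmac
import secrets
from typing import Optional, Tuple

APP_ORIGIN = "https://bookstore.example"   # assumed deployment origin
SERVER_SECRET = secrets.token_bytes(32)    # generated at start-up; persist it in real use


def _mac(session_id: str, nonce: str) -> str:
    return hmac.new(SERVER_SECRET, f"{session_id}|{nonce}".encode(),
                    hashlib.sha256).hexdigest()


def issue_token(session_id: str) -> str:
    """Token = random nonce + HMAC(secret, session_id | nonce).

    Binding the token to the session means a token the attacker collects from
    their own session is useless against a victim's session, and the server
    needs no per-token storage. Emit it as a hidden form field."""
    nonce = secrets.token_hex(16)
    return f"{nonce}.{_mac(session_id, nonce)}"


def token_valid(session_id: str, token: Optional[str]) -> bool:
    """Recompute the MAC for this session and compare in constant time."""
    if not token or "." not in token:
        return False
    nonce, mac = token.split(".", 1)
    return hmac.compare_digest(mac, _mac(session_id, nonce))


def origin_allowed(headers: dict) -> bool:
    """Defence in depth: browsers attach Origin (or at least Referer) to form
    posts, and a cross-site post carries the attacker's origin. A state-changing
    request with neither header is treated as hostile."""
    origin = headers.get("Origin")
    if origin is not None:
        return origin == APP_ORIGIN
    referer = headers.get("Referer")
    return referer is not None and referer.startswith(APP_ORIGIN + "/")


def session_cookie(value: str, same_site: str = "Strict") -> str:
    """Set-Cookie value for the session: SameSite keeps the cookie off cross-site
    requests, Secure keeps it off plaintext HTTP, HttpOnly keeps it from scripts."""
    return f"session={value}; Path=/; SameSite={same_site}; Secure; HttpOnly"


def handle_update(request: dict) -> Tuple[int, str]:
    """Guarded state-changing handler.
    request = {"method", "headers", "session_id", "form"} (assumed shape)."""
    # Never mutate on GET: SameSite=Lax still sends the cookie on top-level GET
    # navigations, so a link or <img> could otherwise trigger the change.
    if request["method"] != "POST":
        return 405, "method not allowed"
    if not origin_allowed(request["headers"]):
        return 403, "cross-site request rejected"
    if not token_valid(request["session_id"], request["form"].get("csrf_token")):
        return 403, "missing or invalid CSRF token"
    # ... apply the change to the bookstore record here ...
    return 200, "record updated"
```

Rejecting requests that carry neither Origin nor Referer is a deliberate choice: it breaks some privacy-proxy users, but the alternative leaves a gap that a stripped-header request walks through. Relax it only for endpoints where the token check alone is acceptable.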

🧯 If You Can't Patch

  • Deploy a WAF or reverse-proxy rule that rejects state-changing requests whose Origin or Referer header does not match the application's own origin (a cross-site form post carries the attacker's origin); this needs no change to application code
  • Restrict application access to trusted networks and monitor for unexpected inventory, price or account changes. Network restriction alone does not stop CSRF: the forged request comes from the victim's browser, which is already inside the trusted network

🔍 How to Verify

Check if Vulnerable:

Inspect the HTML of state-changing forms (add/edit/delete book, user management) for a hidden, per-session token field, and inspect the Set-Cookie header of the login response for SameSite, Secure and HttpOnly. If tokens are absent, confirm by replaying a captured POST from a page on a different origin while logged in; if the action succeeds, the installation is vulnerable.

Check Version:

Check the application version in the admin panel or about page. The vulnerable release is 1.0, which is what a default installation reports, and no fixed version has been published.

Verify Fix Applied:

Confirm every state-changing form carries a unique, session-bound token that the server validates, that requests without a valid token are rejected rather than merely logged, and that state changes are not accepted over GET. Re-run the cross-origin replay test; it must now fail. Automated CSRF scanners help cover forms you missed.
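An offline checker for the two verification steps above, added here as an example that is not part of the original page or the project. Feed it the HTML of a page containing state-changing forms and the Set-Cookie headers of the login response, both captured with a proxy or curl; the token field-name hints and the sample inputs are assumptions.

```python
"""Added example (not part of the original page or the project): an offline
checker for CSRF-token presence in forms and hardening attributes on cookies.
Field-name hints and the sample inputs below are constructed assumptions."""
from html.parser import HTMLParser
from typing import Dict, List

TOKEN_HINTS = ("csrf", "token", "nonce")   # assumed naming of anti-CSRF hidden fields


class FormScanner(HTMLParser):
    """Collect each <form> with its method and the names of its hidden inputs."""

    def __init__(self):
        super().__init__()
        self.forms: List[dict] = []
        self._current = None

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag == "form":
            self._current = {"action": a.get("action", ""),
                             "method": (a.get("method") or "get").lower(),
                             "hidden": []}
        elif tag == "input" and self._current is not None \
                and (a.get("type") or "").lower() == "hidden":
            self._current["hidden"].append(a.get("name") or "")

    def handle_endtag(self, tag):
        if tag == "form" and self._current is not None:
            self.forms.append(self._current)
            self._current = None


def unprotected_forms(html: str) -> List[dict]:
    """Forms with no hidden field that looks like an anti-CSRF token. A GET form
    is reported even with a token, since state changes over GET are reachable
    from a plain link regardless of SameSite=Lax."""
    scanner = FormScanner()
    scanner.feed(html)
    scanner.close()
    findings = []
    for form in scanner.forms:
        has_token = any(h in name.lower() for name in form["hidden"] for h in TOKEN_HINTS)
        if not has_token or form["method"] == "get":
            findings.append(form)
    return findings


def cookie_findings(set_cookie_headers: List[str]) -> Dict[str, List[str]]:
    """Map cookie name -> list of missing hardening attributes
    (SameSite absent or None, Secure absent, HttpOnly absent)."""
    result = {}
    for header in set_cookie_headers:
        parts = [p.strip() for p in header.split(";")]
        name = parts[0].split("=", 1)[0]
        attrs = {}
        for p in parts[1:]:
            k, _, v = p.partition("=")
            attrs[k.lower()] = v
        missing = []
        if attrs.get("samesite", "none").lower() == "none":
            missing.append("SameSite")
        if "secure" not in attrs:
            missing.append("Secure")
        if "httponly" not in attrs:
            missing.append("HttpOnly")
        result[name] = missing
    return result


# Constructed sample input: one guarded form, one bare form, one GET delete form.
SAMPLE_HTML = """
<form method="post" action="/update_book">
  <input type="hidden" name="csrf_token" value="d41d8cd9.7f3a2b">
  <input type="text" name="price"><button>Save</button>
</form>
<form method="post" action="/add_user">
  <input type="text" name="username"><input type="password" name="password">
</form>
<form method="get" action="/delete_book">
  <input type="hidden" name="id" value="3"><button>Delete</button>
</form>
"""
SAMPLE_COOKIES = ["session=abc123; Path=/"]   # constructed: what an unhardened login reply looks like
```

A clean result from this checker is necessary but not sufficient: a hidden field named csrf_token proves nothing unless the server actually validates it, which only the cross-origin replay test above demonstrates.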

📡 Detection & Monitoring

Log Indicators:

  • Bursts of rejected state-changing requests once token validation is in place (the source IP will be the victim's, not the attacker's, so do not pivot on IP alone)
  • Requests missing expected CSRF tokens
  • Unusual inventory or data modifications

Network Indicators:

  • State-changing requests whose Origin or Referer header names a domain other than the application's own (log these headers if you do not already)
  • POST requests to form handlers from a client that never fetched the corresponding form page in that session

SIEM Query:

source="web_logs" AND (status=200 AND method=POST) AND NOT csrf_token=* | stats count by src_ip

This query only returns results once the application logs a csrf_token field, i.e. after the token workaround is deployed; it then surfaces successful POSTs that bypassed validation. Until then, pivot on the Referer and Origin headers instead: successful POSTs whose referer is present and does not contain the application's own hostname. Keep in mind that src_ip in a CSRF event is the victim's address, so the stats line groups by affected user rather than by attacker.
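The network indicators above as detection logic run over access-log lines, added here as an example that is not from the original page or the project. The log format is combined log extended with the Origin header as a final quoted field, the four sample lines are constructed, and the allowed host is an assumption; note that line 3, the actual CSRF, comes from the victim's own IP and is caught only by its foreign Origin.

```python
"""Added example (not from the original page or the project): flag state-changing
requests with a foreign or missing Origin/Referer, and POSTs from clients that
never fetched a page first. Log format, sample lines and ALLOWED_HOSTS are
constructed assumptions."""
import re
from typing import List, Optional, Tuple
from urllib.parse import urlsplit

ALLOWED_HOSTS = {"bookstore.example"}            # assumed deployment host
STATE_CHANGING = {"POST", "PUT", "DELETE", "PATCH"}

# Combined log format plus a trailing quoted Origin field (assumed server config).
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) \S+ '
    r'"(?P<referer>[^"]*)" "(?P<ua>[^"]*)" "(?P<origin>[^"]*)"$')


def parse_line(line: str) -> Optional[dict]:
    m = LOG_RE.match(line)
    return m.groupdict() if m else None


def _host(value: str) -> Optional[str]:
    """Hostname of a logged URL, or None for an empty/"-" field."""
    if not value or value == "-":
        return None
    return urlsplit(value).hostname


def detect_csrf_candidates(lines: List[str]) -> List[Tuple[int, str, List[str]]]:
    """Return (line_no, path, reasons) for suspicious state-changing requests."""
    findings = []
    seen_get = set()                      # clients (ip, ua) that fetched any page
    for n, line in enumerate(lines, 1):
        rec = parse_line(line)
        if rec is None:
            continue
        client = (rec["ip"], rec["ua"])
        if rec["method"] == "GET":
            seen_get.add(client)
            continue
        if rec["method"] not in STATE_CHANGING:
            continue
        reasons = []
        # Origin is authoritative when present; fall back to Referer.
        src = _host(rec["origin"]) or _host(rec["referer"])
        if src is None:
            reasons.append("no Origin/Referer on state-changing request")
        elif src not in ALLOWED_HOSTS:
            reasons.append(f"cross-site source {src}")
        if client not in seen_get:
            reasons.append("POST with no prior GET from this client")
        if reasons:
            findings.append((n, rec["path"], reasons))
    return findings


# Constructed sample: a legitimate edit, a CSRF from the same victim browser,
# and a scripted POST from a host that never loaded a form.
SAMPLE_LOG = [
    '10.0.0.5 - - [02/Dec/2024:10:15:01 +0000] "GET /edit_book?id=3 HTTP/1.1" 200 2048 '
    '"https://bookstore.example/books" "Mozilla/5.0" "-"',
    '10.0.0.5 - - [02/Dec/2024:10:15:20 +0000] "POST /update_book HTTP/1.1" 200 512 '
    '"https://bookstore.example/edit_book?id=3" "Mozilla/5.0" "https://bookstore.example"',
    '10.0.0.5 - - [02/Dec/2024:10:22:41 +0000] "POST /update_book HTTP/1.1" 200 512 '
    '"https://attacker.example/free-ebooks.html" "Mozilla/5.0" "https://attacker.example"',
    '203.0.113.9 - - [02/Dec/2024:10:30:02 +0000] "POST /delete_book HTTP/1.1" 200 64 '
    '"-" "curl/8.4.0" "-"',
]
```

The "no prior GET" rule is noisy across log rotations and for clients that loaded the form before the window you are analysing, so treat it as a secondary signal; the foreign-Origin rule is the one worth alerting on.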
