CVE-2019-18414

Name of the Vulnerable Software and Affected Versions Sourcecodester Restaurant Management System version 1.0

Description The issue is related to a Cross Site Request Forgery vulnerability in the admin/staff-exec.php file due to a lack of CSRF protection. This could allow an attacker to trick the administrator into executing arbitrary code or adding a staff entry via a crafted HTML page.

Recommendations For Sourcecodester Restaurant Management System version 1.0, consider implementing CSRF protection mechanisms to prevent attackers from tricking administrators into executing unwanted actions. As a temporary workaround, restrict access to the admin/staff-exec.php file to minimize the risk of exploitation.