PT-2019-9633 · Tubigan · Tubigan

Published: 2019-06-18 · Updated: 2019-06-18 · CVE-2018-18802

CVSS v3.1: 8.8 High

Vector: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: Tubigan "Welcome to our Resort" version 1.0

Description: The application allows cross-site request forgery (CSRF) via the "admin/mod users/controller.php?action=edit" API endpoint. This could potentially allow attackers to perform unauthorized actions on the application.

Recommendations: For version 1.0, consider implementing proper CSRF protection mechanisms, such as token-based validation, to prevent unauthorized requests to the "admin/mod users/controller.php?action=edit" endpoint. As a temporary workaround, restrict access to this endpoint to minimize the risk of exploitation.

Exploit

Fix

CSRF

Weakness Enumeration

Related Identifiers

CVE-2018-18802

Affected Products

Tubigan