Skip to main content

CVE-2023-6474: CWE-352 Cross-Site Request Forgery in PHPGurukul Nipah Virus Testing Management System

Medium
VulnerabilityCVE-2023-6474cvecve-2023-6474cwe-352
Published: Sat Dec 02 2023 (12/02/2023, 23:31:04 UTC)
Source: CVE Database V5
Vendor/Project: PHPGurukul
Product: Nipah Virus Testing Management System

Description

A vulnerability has been found in PHPGurukul Nipah Virus Testing Management System 1.0 and classified as problematic. This vulnerability affects unknown code of the file manage-phlebotomist.php. The manipulation of the argument pid leads to cross-site request forgery. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-246640.

AI-Powered Analysis

AILast updated: 07/03/2025, 18:24:37 UTC

Technical Analysis

CVE-2023-6474 is a Cross-Site Request Forgery (CSRF) vulnerability identified in version 1.0 of the PHPGurukul Nipah Virus Testing Management System, specifically within the manage-phlebotomist.php component. CSRF vulnerabilities occur when an attacker tricks an authenticated user into submitting a forged HTTP request, causing the application to perform unwanted actions on behalf of the user without their consent. In this case, the vulnerability arises from improper validation of the 'pid' parameter, which can be manipulated remotely to execute unauthorized state-changing operations. The vulnerability does not require prior authentication (PR:N), has low attack complexity (AC:L), and requires user interaction (UI:R), such as the victim clicking a malicious link or visiting a crafted webpage. The CVSS v3.1 base score is 4.3, indicating a medium severity level, with no impact on confidentiality or availability but a limited impact on integrity due to unauthorized changes that could be made to phlebotomist management data. No public exploits have been reported in the wild yet, and no patches have been officially released. The vulnerability is classified under CWE-352, which is a common web application security weakness related to CSRF attacks. Given the nature of the affected system—a specialized management system for Nipah virus testing—this vulnerability could allow attackers to manipulate critical healthcare workflow data, potentially disrupting testing operations or corrupting records.

Potential Impact

For European organizations, especially healthcare providers, laboratories, and public health agencies involved in infectious disease testing and management, this vulnerability poses a risk of unauthorized modification of phlebotomist-related data. Although the direct confidentiality and availability impacts are minimal, integrity compromise could lead to inaccurate test management, misallocation of resources, or administrative confusion. This could indirectly affect patient care quality and public health response effectiveness. Since the system is specialized and likely deployed in healthcare environments, exploitation could undermine trust in testing data and complicate outbreak management efforts. The requirement for user interaction means phishing or social engineering campaigns could be used to trigger the exploit, increasing risk in environments where users may not be trained to recognize such attacks. The medium severity score reflects these considerations but also indicates that the threat is not immediately critical. However, given the sensitive nature of healthcare data and operations, even moderate integrity issues warrant prompt attention.

Mitigation Recommendations

To mitigate this vulnerability, organizations should implement anti-CSRF tokens in all state-changing forms and requests within the Nipah Virus Testing Management System, ensuring that any request modifying data requires a valid, unpredictable token tied to the user's session. Additionally, validating the 'pid' parameter on the server side to ensure it matches expected formats and user permissions can reduce risk. Organizations should also enforce strict session management and consider implementing same-site cookie attributes to limit cross-origin requests. User education is critical to reduce the risk of social engineering attacks that could trigger CSRF exploits. Monitoring web server logs for unusual POST requests or unexpected parameter values can help detect attempted exploitation. Since no official patch is available, organizations should consider isolating the affected system within secure network segments and restricting access to trusted users only. Regular backups of critical data will aid recovery if integrity is compromised. Finally, engaging with the vendor or community for updates or patches is recommended to ensure timely remediation once available.

Need more detailed analysis?Get Pro

Technical Details

Data Version
5.1
Assigner Short Name
VulDB
Date Reserved
2023-12-02T07:34:35.254Z
Cvss Version
3.1
State
PUBLISHED

Threat ID: 683ee1eb182aa0cae27396a2

Added to database: 6/3/2025, 11:52:11 AM

Last enriched: 7/3/2025, 6:24:37 PM

Last updated: 8/4/2025, 4:22:14 PM

Views: 14

Actions

PRO

Updates to AI analysis are available only with a Pro account. Contact root@offseq.com for access.

Please log in to the Console to use AI analysis features.

Need enhanced features?

Contact root@offseq.com for Pro access with improved analysis and higher rate limits.

Latest Threats