Key Vulnerability Information

Vulnerability Description
Type: CSRF (Cross-Site Request Forgery)
Affected Page: Profile page in the Student Result Management System
Issue: Attackers can exploit a malicious HTML page to modify a user's account details without their knowledge.

Impact Details
Affected Product: Student Result Management System Using PHP V2.0
Official Link: Student Result Management System

Affected Product Codebase
Language: PHP
Database: MySQL
Frontend Technologies: HTML, AJAX, jQuery, JavaScript

Reproduction Steps
1. Capture Request: Use tools like Burp Suite to capture the request for adding a student record.
2. Generate POC: Send the captured request to a CSRF POC generator.
3. Save and Export: Save the generated POC and export it as an HTML file.
4. Open HTML File: Open the exported HTML file in a different browser.
5. Automatic Execution: The user, unaware, will automatically execute the action of adding a student record.

Recommended Resources
OWASP CSRF Prevention Cheat Sheet
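
Mitigation sketch (an added example, not code from the Student Result Management System): the synchronizer-token check from the OWASP cheat sheet, applied to a state-changing PHP handler. The function names, the csrf_token field, the X-CSRF-Token header and the HTTPS assumption are all hypothetical choices made for illustration.

```php
<?php
declare(strict_types=1);
// Added example: names below are hypothetical, not taken from the project.

session_set_cookie_params([
    'httponly' => true,
    'secure'   => true,   // assumption: the site is served over HTTPS
    'samesite' => 'Lax',  // defence in depth: cookie is withheld from cross-site POSTs
]);
session_start();

/** Return the per-session token, creating it on first use. */
function csrf_token(): string
{
    if (empty($_SESSION['csrf_token'])) {
        $_SESSION['csrf_token'] = bin2hex(random_bytes(32));
    }
    return $_SESSION['csrf_token'];
}

/** Hidden field to embed in every state-changing form. */
function csrf_field(): string
{
    return '<input type="hidden" name="csrf_token" value="'
        . htmlspecialchars(csrf_token(), ENT_QUOTES, 'UTF-8') . '">';
}

/** Constant-time comparison of the submitted token with the session copy. */
function csrf_is_valid(?string $submitted): bool
{
    $expected = $_SESSION['csrf_token'] ?? '';
    return $submitted !== null && $expected !== '' && hash_equals($expected, $submitted);
}

if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    // AJAX/jQuery callers may send the token in a header instead of a form field.
    $submitted = $_POST['csrf_token'] ?? $_SERVER['HTTP_X_CSRF_TOKEN'] ?? null;
    if (!csrf_is_valid(is_string($submitted) ? $submitted : null)) {
        http_response_code(403);
        exit('Invalid or missing CSRF token');
    }
    // ... only now perform the profile update or add the student record ...
}
?>
<form method="post">
    <?= csrf_field() ?>
    <!-- existing form fields go here -->
    <button type="submit">Save</button>
</form>
```

A form auto-submitted from another origin cannot read the session's token, so the handler answers 403 before any database write happens.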