CVE-2026-1142
Unknown Unknown - Not Provided
Cross-Site Request Forgery in PHPGurukul News Portal

Publication date: 2026-01-19

Last updated on: 2026-04-29

Assigner: VulDB

Description
A security flaw has been discovered in PHPGurukul News Portal 1.0. The impacted element is an unknown function. Performing a manipulation results in cross-site request forgery. The attack may be initiated remotely. The exploit has been released to the public and may be used for attacks.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-01-19
Last Modified
2026-04-29
Generated
2026-06-16
AI Q&A
2026-01-19
EPSS Evaluated
2026-06-15
NVD
CVE-2026-1142
EUVD
EUVD-2026-3235
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
phpgurukul news_portal 1.0
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-862 The product does not perform an authorization check when an actor attempts to access a resource or perform an action.
CWE-352 The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Impact Analysis

This vulnerability can lead to unauthorized creation of sub-admin accounts, allowing attackers to gain privileged access to the news portal's administrative functions. This can result in privilege abuse, unauthorized changes, and potentially full compromise of the admin panel's integrity and control over the system. [2, 3]

Executive Summary

CVE-2026-1142 is a Cross-Site Request Forgery (CSRF) vulnerability in PHPGurukul News Portal version 1.0. It exists because the admin endpoint responsible for creating sub-admin accounts lacks anti-CSRF protections such as CSRF tokens or origin validation. An attacker can craft a malicious HTML page that, when visited by an authenticated admin user, automatically submits a forged POST request to create sub-admin accounts without the victim's knowledge or consent. This allows unauthorized privileged account creation and compromises the integrity of the admin panel. [2, 3, 4]

Detection Guidance

This vulnerability can be detected by monitoring for unauthorized POST requests to the admin endpoint `/news/admin/add-subadmins.php` that create sub-admin accounts without proper CSRF tokens or origin validation. Detection can involve inspecting web server logs for suspicious POST requests to this endpoint, especially those lacking valid CSRF tokens or coming from unexpected referers. Additionally, reviewing HTTP requests for forged parameters such as `sadminusername` and `pwd` used in the exploit can help identify attempts. Specific commands might include using tools like `grep` on server logs to find POST requests to the vulnerable endpoint, for example: `grep 'POST /news/admin/add-subadmins.php' /var/log/apache2/access.log` or using web application firewalls (WAF) to detect and block CSRF attack patterns. [2, 3]

Mitigation Strategies

Immediate mitigation steps include implementing anti-CSRF protections such as adding CSRF tokens to all state-changing requests, especially the POST requests to `/news/admin/add-subadmins.php`. Additionally, validate user roles server-side before processing any admin actions to ensure only authorized users can perform these operations. Reject any requests that lack valid CSRF tokens or come from invalid origins. If patching is not immediately possible, restrict access to the vulnerable admin endpoint via network controls or web application firewall rules to block unauthorized requests. Monitoring and alerting on suspicious activity targeting this endpoint is also recommended. [3]

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-1142. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart