| Title | sepidz SepidzDigitalMenu 7.1.0728.1 Sensitive Data Exposure leads to Broken Access Control |
|---|---|
| Description | I have identified a critical bug where sending a request to the Waiters' path exposes the entire username and clear-text passwords of users, including administrators. Through the use of the Google dork intitle:"sepidzdigitalmenu", all targeted customers can be easily determined. This security vulnerability poses a significant risk to the confidentiality of user credentials and compromises the privacy of both regular users and administrators. |
| Source | ⚠️ http://menu.tircoffee.ir/Waiters |
| User | QF5252 (ID 62585) |
| Submission | 01/29/2024 13:31 (3 months ago) |
| Moderation | 02/06/2024 09:16 (8 days later) |
| Status | Accepted |
| VulDB Entry | 252994 |