| عنوان | student-management-system resetPassword.php user password reset |
|---|
| الوصف | The step of modifying the password was not verified, resulting in the ability to directly enter the website where the final password was modified, directly redirect to the page, and then enter a new password to reset the password, resulting in a everybody password reset student-management-system does not filter the content correctly at the "resetPassword.php" sid module, resulting in anyone password reset. |
|---|
| المصدر | ⚠️ https://github.com/Xor-Gerke/webray.com.cn/blob/main/cve/student-management-system/password_reset.md |
|---|
| المستخدم | webray.com.cn (UID 24778) |
|---|
| ارسال | 31/05/2023 11:57 AM (3 سنوات منذ) |
|---|
| الاعتدال | 31/05/2023 01:01 PM (1 hour later) |
|---|
| الحالة | تمت الموافقة |
|---|
| إدخال VulDB | 230354 [ningzichun Student Management System 1.0 Password Reset resetPassword.php sid تجاوز الصلاحيات] |
|---|
| النقاط | 19 |
|---|