إرسال #171661: PuneethReddyHC's Online Shopping System Advanced v1.0 is vulnerable to authentication bypass via reg.php, An attacker can register himself as a admin and get access to admin panel.المعلومات

عنوان	PuneethReddyHC's Online Shopping System Advanced v1.0 is vulnerable to authentication bypass via reg.php, An attacker can register himself as a admin and get access to admin panel.
الوصف	### Summary: PuneethReddyHC's Online Shopping System Advanced v1.0 is vulnerable to authentication bypass via reg.php, An attacker can register himself as a admin and get access to admin panel. ### VENDOR HOMEPAGE: https://github.com/PuneethReddyHC/online-shopping-system-advanced ### SOFTWARE LINK: https://github.com/PuneethReddyHC/online-shopping-system-advanced ### CVSS 3.1 Vector String: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N ### Proof Of Concept: 1. Open http://localhost/online-shopping-system-advanced-master/admin/reg.php 3. Input your details 4. You'll be in admin panel
المستخدم	kr1shna4garwal (UID 49100)
ارسال	19/06/2023 03:48 PM (3 سنوات منذ)
الاعتدال	20/06/2023 01:43 PM (22 hours later)
الحالة	تمت الموافقة
إدخال VulDB	232009 [PuneethReddyHC Online Shopping System Advanced 1.0 Admin Registration /admin/reg.php توثيق ضعيف]
النقاط	17

Do you want to use VulDB in your project?

Use the official API to access entries easily!