| Title | boyiddha Automated-Mess-Management-System 1.0 Broken Access Control |
|---|---|
| Description | The Automated-Mess-Management-System developed by boyiddha is afflicted by Broken Access Control, permitting unauthorized access to sensitive administrative functionalities. By simply logging in as a regular member and then visiting the '/admin/index.php' endpoint, users gain unfettered access to the admin dashboard, potentially compromising critical system settings. To rectify this issue, developers should implement proper access controls, ensuring that only authorized users can access administrative features. This can be achieved by employing role-based access control mechanisms and enforcing strict authentication checks on sensitive endpoints. Additionally, comprehensive security testing and code reviews should be conducted to identify and address any existing access control vulnerabilities effectively. |
| Source | https://github.com/skid-nochizplz/skid-nochizplz/blob/main/TrashBin/CVE/boyiddha%20utomated-Mess-Management-System/BROKEN%20ACCESS%20CONTROL%20.md |
| User | nochizplz (UID 64302) |
| Submission | 26/02/2024 04:43 PM (2 years ago) |
| Moderation | 07/03/2024 05:04 PM (10 days later) |
| Status | Accepted |
| VulDB Entry | 256048 [boyiddha Automated-Mess-Management-System 1.0 Setting /admin/index.php privilege escalation] |
| Points | 20 |