| عنوان | PHPGurukul Pre-School Enrollment System 1.0 access control |
|---|
| الوصف | There is a vertical override vulnerability in the/admin/add-subadmin.php system. In the system design, only super administrators can add sub administrators, but due to the lack of verification of user session identity in request verification. Resulting in low privileged users being able to successfully send requests to add sub administrators directly.Please refer to the following source code for details. |
|---|
| المصدر | ⚠️ https://github.com/SECWG/cve/issues/3 |
|---|
| المستخدم | WenGui (UID 82184) |
|---|
| ارسال | 05/03/2025 05:11 PM (1 سنة منذ) |
|---|
| الاعتدال | 07/03/2025 07:21 AM (2 days later) |
|---|
| الحالة | تمت الموافقة |
|---|
| إدخال VulDB | 298904 [PHPGurukul Pre-School Enrollment System 1.0 Sub Admin /admin/add-subadmin.php تجاوز الصلاحيات] |
|---|
| النقاط | 19 |
|---|