| عنوان | code-projects Online Movie Streaming 1.0 Improper Authentication |
|---|
| الوصف | A Missing Authorization vulnerability exists in the admin panel of code-projects Online Movie Streaming 1.0. The admin.php and admin-control.php scripts fail to perform any server-side permission checks. While the UI hides the admin link from non-administrative users, any unauthenticated attacker can bypass this by directly navigating to the admin page URLs. This allows for unauthorized access to administrative functions, such as adding or modifying movie content on the site. |
|---|
| المصدر | ⚠️ https://github.com/i-Corner/cve/issues/15 |
|---|
| المستخدم | iC0rner (UID 82839) |
|---|
| ارسال | 30/07/2025 09:29 AM (11 أشهر منذ) |
|---|
| الاعتدال | 31/07/2025 08:52 PM (1 day later) |
|---|
| الحالة | تمت الموافقة |
|---|
| إدخال VulDB | 318462 [code-projects Online Movie Streaming 1.0 /admin.php معرف تجاوز الصلاحيات] |
|---|
| النقاط | 20 |
|---|