| عنوان | code-projects Smart Parking System In PHP With Source Code 1.0 Improper Access Controls |
|---|
| الوصف | The Smart Parking System 1.0 by code-projects.org fails to enforce authentication on multiple admin-only endpoints. An unauthenticated remote attacker can directly access these endpoints with no session cookie and perform privileged operations including creating attendant accounts, editing and deleting parking records, and viewing all customer PII and booking data.
No credentials, no session token, and no interaction from any legitimate user is required to exploit this vulnerability. |
|---|
| المصدر | ⚠️ https://github.com/Xmyronn/smart-parking-system-broken-access.git |
|---|
| المستخدم | imad alvi (UID 97088) |
|---|
| ارسال | 08/05/2026 11:20 PM (1 شهر منذ) |
|---|
| الاعتدال | 31/05/2026 12:12 PM (23 days later) |
|---|
| الحالة | تمت الموافقة |
|---|
| إدخال VulDB | 367521 [code-projects Smart Parking System 1.0 Admin Endpoint توثيق ضعيف] |
|---|
| النقاط | 20 |
|---|