| Titel | boyiddha Automated-Mess-Management-System 1.0 Broken Access Control |
|---|
| Beschreibung | The Automated-Mess-Management-System developed by boyiddha is afflicted by Broken Access Control, permitting unauthorized access to sensitive administrative functionalities. By simply logging in as a regular member and then visiting the '/admin/index.php' endpoint, users gain unfettered access to the admin dashboard, potentially compromising critical system settings. To rectify this issue, developers should implement proper access controls, ensuring that only authorized users can access administrative features. This can be achieved by employing role-based access control mechanisms and enforcing strict authentication checks on sensitive endpoints. Additionally, comprehensive security testing and code reviews should be conducted to identify and address any existing access control vulnerabilities effectively. |
|---|
| Quelle | ⚠️ https://github.com/skid-nochizplz/skid-nochizplz/blob/main/TrashBin/CVE/boyiddha%20utomated-Mess-Management-System/BROKEN%20ACCESS%20CONTROL%20.md |
|---|
| Benutzer | nochizplz (UID 64302) |
|---|
| Einreichung | 26.02.2024 16:43 (vor 2 Jahren) |
|---|
| Moderieren | 07.03.2024 17:04 (10 days later) |
|---|
| Status | Akzeptiert |
|---|
| VulDB Eintrag | 256048 [boyiddha Automated-Mess-Management-System 1.0 Setting /admin/index.php erweiterte Rechte] |
|---|
| Punkte | 20 |
|---|