Submit #559480: Script And Tools Online-Travling-System 1.0 Broken Access Controlinfo

TitelScript And Tools Online-Travling-System 1.0 Broken Access Control
BeschreibungTitle of the Vulnerability: Script And Tools | Online-Travling-System | Broken Access Control In /admin/addpackage.php Vulnerability Class: Broken Access Control Product Name: Online-Travling-System Vendor: https://github.com/scriptandtools/ Vulnerable Product Link: https://github.com/scriptandtools/Online-Travling-System-Php Technical Details & Description: The application source code is coded in a way which allows To Access /admin/addpackage.php without Any Verification. Product & Service Introduction: Online-Travling-System Observation & Exploitation: Here,The Vulnerable File Is: /admin/addpackage.php Lets Exploit ????????️????: First,Go To The Vulnerable Location: Example: http://192.168.0.100:8080/OTS/admin/addpackage.php See,You Can Add Fraudulent Packages Without Any Login Credentials Or Logging in. So,This indicates that the /admin/addpackage.php is vulnerable to Broken Access Control As We Can Access An Administrator Feature Without Any Authorization !
Quelle⚠️ https://www.websecurityinsights.my.id/2025/04/script-and-tools-online-travling-system_82.html
Benutzer
 MaloyRoyOrko (UID 79572)
Einreichung16.04.2025 14:51 (vor 1 Jahr)
Moderieren29.04.2025 07:19 (13 days later)
StatusAkzeptiert
VulDB Eintrag306503 [ScriptAndTools Online-Travling-System 1.0 /admin/addpackage.php erweiterte Rechte]
Punkte20

ZurückÜbersichtWeiter

Want to stay up to date on a daily basis?

Enable the mail alert feature now!