Submit #703879: haxxorsid stock-management-system 1.0 Improper Access Controlsinfo

Titelhaxxorsid stock-management-system 1.0 Improper Access Controls
Beschreibunghaxxorsid/stock-management-system is an application developed based on MVC pattern, but the application only sets the permission control mechanism in the view layer, and does not set the permission control in the controller layer. As a result, unauthorized users can directly access controller's interface through apis to obtain sensitive application information or perform sensitive operations.
Quelle⚠️ https://github.com/ixpqxi/CVE_LIST/blob/master/stock_management_system/access_control_vulnerability.md
Benutzer
 ixpqxi (UID 83247)
Einreichung01.12.2025 03:57 (vor 7 Monaten)
Moderieren12.12.2025 12:14 (11 days later)
StatusAkzeptiert
VulDB Eintrag336191 [haxxorsid Stock-Management-System bis fbbbf213e9c93b87183a3891f77e3cc7095f22b0 /api/employees schwache Authentisierung]
Punkte19

ZurückÜbersichtWeiter

Want to know what is going to be exploited?

We predict KEV entries!