| Titel | SourceCodester Pet Grooming Management Software 1.0 Improper Authorization |
|---|
| Beschreibung | The application does not enforce proper server-side role validation on the add_user.php endpoint. A low-privileged authenticated user can directly access the user creation page and successfully create new standard user accounts. The system fails to verify whether the authenticated session has administrative privileges before processing the request. Although administrator accounts cannot be created, unauthorized user creation is still permitted. |
|---|
| Quelle | ⚠️ https://github.com/hiranerakkot/Pet-Grooming-Software/blob/main/Vulnerability_1.md |
|---|
| Benutzer | Hiran (UID 95719) |
|---|
| Einreichung | 25.02.2026 12:52 (vor 2 Monaten) |
|---|
| Moderieren | 07.03.2026 19:11 (10 days later) |
|---|
| Status | Akzeptiert |
|---|
| VulDB Eintrag | 349715 [SourceCodester Pet Grooming Management Software 1.0 User Creation add_user.php erweiterte Rechte] |
|---|
| Punkte | 20 |
|---|