| Titel | SourceCodester Pet Grooming Management Software 1.0 Improper Authorization |
|---|
| Beschreibung | The application fails to enforce server-side role-based access control on financial reporting endpoints. A low-privileged authenticated user can access and view sensitive financial data, including tax reports, profit reports, invoice details, and user reports. The system does not validate user role before rendering these pages. |
|---|
| Quelle | ⚠️ https://github.com/hiranerakkot/Pet-Grooming-Software/blob/main/Vulnerability_2.md |
|---|
| Benutzer | Hiran (UID 95719) |
|---|
| Einreichung | 25.02.2026 12:55 (vor 2 Monaten) |
|---|
| Moderieren | 07.03.2026 19:11 (10 days later) |
|---|
| Status | Akzeptiert |
|---|
| VulDB Eintrag | 349716 [SourceCodester Pet Grooming Management Software 1.0 Financial Report Page erweiterte Rechte] |
|---|
| Punkte | 18 |
|---|