Submit #180187: Best Fee Management System Improper Access Control vulnerable leads to system takeover (info)

Title: Best Fee Management System Improper Access Control vulnerable leads to system takeover

Description: An attacker without access to the system can add himself/herself as the system administrator; the attacker can then manipulate system data. In the admin_class.php file, the save_user function lacks an access check.

Vendor: SourceCodester

Version: The software is unversioned as of now (2023/7/10). Below is the tested version download link. https://www.sourcecodester.com/sites/default/files/download/mayuri_k/click_fees_0.zip

Source: https://github.com/movonow/demo/edit/main/click_fees.md

User: zhangguohu (UID 30684)

Submission: 2023-07-10 16:09 (3 years ago)

Moderation: 2023-07-10 19:16 (3 hours later)

Status: Accepted

VulDB entry: 233450 [SourceCodester Best Fee Management System 1.0 Add User admin_class.php save_user privilege escalation]

Points: 20
