Enviar #449684: sourcecodester Best Courier Management System Project in PHP v1.0 Unauthorized Tenant Deletioninformación

Títulosourcecodester Best Courier Management System Project in PHP v1.0 Unauthorized Tenant Deletion
DescripciónThe application allows an anonymous user to delete any tenant without authorization by sending a POST request to /rental/ajax.php?action=delete_tenant with the body id=<Number>. This vulnerability allows an attacker to delete all tenants, which can disrupt business operations and lead to data loss.
Fuente⚠️ https://github.com/YasserREED/YasserREED-CVEs/blob/main/Best%20house%20rental%20management%20system%20project%20in%20php/Unauthorized%20Tenant%20Deletion.md
Usuario
 Anonymous User
Sumisión2024-11-21 23:09 (hace 1 Año)
Moderación2024-11-27 12:18 (6 days later)
EstadoAceptado
Entrada de VulDB286245 [SourceCodester Best House Rental Management System 1.0 POST Request ajax.php?action=delete_tenant ID escalada de privilegios]
Puntos18

AnteriorVisión De ConjuntoPróximo

Interested in the pricing of exploits?

See the underground prices here!