Submit #762795: SourceCodester Web-based-Pharmacy-Product-Management-System 1.0 Improper Access Controls

Title: SourceCodester Web-based-Pharmacy-Product-Management-System 1.0 Improper Access Controls
Description: The application does not invalidate active sessions after account deletion. When a Super Admin deletes an Admin account, any previously authenticated session (PHPSESSID) associated with that account remains valid. Although new login attempts fail, the existing session continues to grant access to protected administrative pages until manual logout or session expiration. This results in a privilege revocation bypass and constitutes Improper Access Control.
Source: https://github.com/hiranerakkot/Web-based-Pharmacy-Product-Management-System/blob/main/README.md
User: Hiran (UID 95719)
Submission: 2026-02-19 12:16 (2 months ago)
Moderation: 2026-03-01 07:44 (10 days later)
Status: Accepted
VulDB entry: 348296 [SourceCodester Web-based Pharmacy Product Management System 1.0 weak authentication]
Points: 20
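
A mitigation for the behaviour described above, as an added example that is not code from the project or from the submission: a guard called at the top of every protected page that re-checks the account against the database on each request, so a session whose account was deleted stops working immediately. The admins table, the auth_version column and the function name require_live_admin() are assumptions made for illustration; the in-memory SQLite data is constructed.

```php
<?php
declare(strict_types=1);

// Hypothetical guard (not the project's code). Call it before rendering any
// protected admin page, passing $_SESSION as $session.
// Returns true only while the account bound to the session still exists and
// its auth_version matches the value stored in the session at login.
function require_live_admin(PDO $db, array &$session): bool
{
    if (!isset($session['admin_id'], $session['auth_version'])) {
        return false; // never logged in
    }
    $stmt = $db->prepare('SELECT auth_version FROM admins WHERE id = ?');
    $stmt->execute([$session['admin_id']]);
    $current = $stmt->fetchColumn(); // false when the row no longer exists

    if ($current === false || (int)$current !== (int)$session['auth_version']) {
        // Account deleted, or bumped after a password or role change.
        // In a real page also call session_unset() and session_destroy(),
        // then redirect to the login form.
        $session = [];
        return false;
    }
    return true;
}

// --- Constructed demo data: in-memory SQLite stands in for the app database.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE admins (
    id INTEGER PRIMARY KEY,
    username TEXT NOT NULL,
    auth_version INTEGER NOT NULL DEFAULT 1
)');
$db->exec("INSERT INTO admins (id, username) VALUES (2, 'admin2')");

// State written into the session at login time.
$session = ['admin_id' => 2, 'auth_version' => 1];

// Request made while the account exists.
var_dump(require_live_admin($db, $session));

// The Super Admin deletes the account; the browser still holds the cookie.
$db->exec('DELETE FROM admins WHERE id = 2');

// Next request with the old session: the guard rejects it and clears state.
var_dump(require_live_admin($db, $session));
var_dump($session);
```

Storing a version counter alongside the account id also covers the case where a deleted id is later reused for a new account.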
