| Título | Mayuri K. Gaatitrack Courier Management System 1.0 Broken Access Control |
|---|
| Descripción | A vulnerability, which was classified as high, was found in Mayuri K. Gaatitrack Courier Management System 1.0. This affects the function delete_user of the file ajax.php. The manipulation of the argument id leads to unauthorized deletion. It is possible to launch the attack remotely and without any authentication. This vulnerability allows an attacker to delete arbitrary users from the database, leading to potential service disruption. |
|---|
| Fuente | ⚠️ https://github.com/zy606/Vulnerability-Report/tree/main/Gaatitrack-Unauth-Delete |
|---|
| Usuario | Zyyyy (UID 96412) |
|---|
| Sumisión | 2026-03-16 10:43 (hace 21 días) |
|---|
| Moderación | 2026-04-01 15:47 (16 days later) |
|---|
| Estado | Aceptado |
|---|
| Entrada de VulDB | 354664 [SourceCodester/mayuri_k Best Courier Management System 1.0 User Delete ajax.php?action=delete_user ID escalada de privilegios] |
|---|
| Puntos | 20 |
|---|