| शीर्षक | Prison Management System -create_new user Identification and Authentication Failures |
|---|
| विवरण | Confirmation of the user's identity, authentication, and session management is critical to protect against authentication-related attacks. Previously known as Broken Authentication, this category slid down from the second position and now includes Common Weakness Enumerations (CWEs) related to identification failures. Notable CWEs included are CWE-297: Improper Validation of Certificate with Host Mismatch, CWE-287: Improper Authentication, and CWE-384: Session Fixation.Prison Management System can create a new user without authorization. |
|---|
| स्रोत | ⚠️ https://github.com/ch0ing/vul/blob/main/WebRay.com.cn/Prison%20Management%20System--.md |
|---|
| उपयोगकर्ता | webray.com.cn (UID 24778) |
|---|
| सबमिशन | 07/06/2022 05:13 AM (4 साल पहले) |
|---|
| संयम | 07/06/2022 12:12 PM (7 hours later) |
|---|
| स्थिति | स्वीकृत |
|---|
| VulDB प्रविष्टि | 201367 [SourceCodester Prison Management System 1.0 New User Creation Users.php?f=save अधिकार वृद्धि] |
|---|
| अंक | 20 |
|---|