Submit #274640: sepidz SepidzDigitalMenu 7.1.0728.1 Sensitive Data Exposure leads to Broken Access Controlinfo

Titlesepidz SepidzDigitalMenu 7.1.0728.1 Sensitive Data Exposure leads to Broken Access Control
Description have identified a critical bug where sending a request to the Waiters' path exposes the entire username and clear-text passwords of users, including administrators. Through the use of Google dork "intitle:"sepidzdigitalmenu", all targeted customers can be easily determined. This security vulnerability poses a significant risk to the confidentiality of user credentials and compromises the privacy of both regular users and administrators.
Source⚠️ http://menu.tircoffee.ir/Waiters
UserQF5252 (ID 62585)
Submission29/01/2024 13:31 (4 months ago)
Moderation06/02/2024 09:16 (8 days later)
StatusAccettato
VulDB Entry252994

PrecedenteVisione D'insiemeIl prossimo

Might our Artificial Intelligence support you?

Check our Alexa App!