Submit #274640: sepidz SepidzDigitalMenu 7.1.0728.1 Sensitive Data Exposure leads to Broken Access Control

Title: sepidz SepidzDigitalMenu 7.1.0728.1 Sensitive Data Exposure leads to Broken Access Control
Description: I have identified a critical bug where sending a request to the Waiters' path exposes the entire username and clear-text passwords of users, including administrators. Through the use of the Google dork intitle:"sepidzdigitalmenu", all targeted customers can be easily determined. This security vulnerability poses a significant risk to the confidentiality of user credentials and compromises the privacy of both regular users and administrators.
Source: ⚠️ http://menu.tircoffee.ir/Waiters
User: QF5252 (UID 62585)
Submission: 29/01/2024 13:31 (2 years ago)
Moderation: 06/02/2024 09:16 (8 days later)
Status: Accepted
VulDB entry: 252994 [sepidz SepidzDigitalMenu up to 7.1.0728.1 /Waiters information disclosure]
Points: 17
