Invia #589458: SourceCodester Student Result Management System 1.0 Improper Access Control for Register Interfaceinformazioni

TitoloSourceCodester Student Result Management System 1.0 Improper Access Control for Register Interface
DescrizioneAn endpoint (/srms/admin/core/new_user) in SRMS 1.0 allows the creation of admin-level accounts without any authentication or access control. This enables an attacker to send a crafted POST request and register a new privileged user on the system.
Fonte⚠️ https://github.com/Watskip/GeneralResearch/blob/main/Exploits/SRMS/Unauthorized%20privileged%20user%20creation.md
Utente
 Tensei (UID 85925)
Sottomissione03/06/2025 16:13 (1 Anno fa)
Moderazione04/06/2025 14:33 (22 hours later)
StatoAccettato
Voce VulDB311139 [SourceCodester Student Result Management System 1.0 Register Interface /admin/core/new_user escalationi di privilegi]
Punti18

PrecedenteVisione D'ensembleIl prossimo

Do you want to use VulDB in your project?

Use the official API to access entries easily!