| タイトル | student-management-system resetPassword.php user password reset |
|---|
| 説明 | The step of modifying the password was not verified, resulting in the ability to directly enter the website where the final password was modified, directly redirect to the page, and then enter a new password to reset the password, resulting in a everybody password reset student-management-system does not filter the content correctly at the "resetPassword.php" sid module, resulting in anyone password reset. |
|---|
| ソース | ⚠️ https://github.com/Xor-Gerke/webray.com.cn/blob/main/cve/student-management-system/password_reset.md |
|---|
| ユーザー | webray.com.cn (UID 24778) |
|---|
| 送信 | 2023年05月31日 11:57 (3 年 ago) |
|---|
| モデレーション | 2023年05月31日 13:01 (1 hour later) |
|---|
| ステータス | 承諾済み |
|---|
| VulDBエントリ | 230354 [ningzichun Student Management System 1.0 Password Reset resetPassword.php sid 特権昇格] |
|---|
| ポイント | 19 |
|---|