提出 #189029: SourceCodester Free Hospital Management System for Small Practices 1.0 has a vertical privilege escalation vulnerability情報

タイトルSourceCodester Free Hospital Management System for Small Practices 1.0 has a vertical privilege escalation vulnerability
説明SourceCodester Free Hospital Management System for Small Practices 1.0 has a vertical privilege escalation vulnerability, allowing attackers to intercept redirects and gain unauthorized access to the administrative backend with system administrator privileges.The developer implemented a redirect in the permission check without using the die() or exit() functions to terminate the program execution, which resulted in vertical privilege escalation.
ソース⚠️ https://github.com/Yesec/Free-Hospital-Management-System-for-Small-Practices/blob/main/vertical%20privilege%20escalation/vuln.md
ユーザー
 YeSec (UID 50956)
送信2023年07月31日 07:27 (3 年 ago)
モデレーション2023年08月05日 18:40 (5 days later)
ステータス承諾済み
VulDBエントリ236216 [SourceCodester Free Hospital Management System for Small Practices Redirect delete-doctor.php?id=2 特権昇格]
ポイント20

Do you need the next level of professionalism?

Upgrade your account now!