| タイトル | boyiddha Automated-Mess-Management-System 1.0 Broken Access Control |
|---|
| 説明 | The Automated-Mess-Management-System developed by boyiddha is afflicted by Broken Access Control, permitting unauthorized access to sensitive administrative functionalities. By simply logging in as a regular member and then visiting the '/admin/index.php' endpoint, users gain unfettered access to the admin dashboard, potentially compromising critical system settings. To rectify this issue, developers should implement proper access controls, ensuring that only authorized users can access administrative features. This can be achieved by employing role-based access control mechanisms and enforcing strict authentication checks on sensitive endpoints. Additionally, comprehensive security testing and code reviews should be conducted to identify and address any existing access control vulnerabilities effectively. |
|---|
| ソース | ⚠️ https://github.com/skid-nochizplz/skid-nochizplz/blob/main/TrashBin/CVE/boyiddha%20utomated-Mess-Management-System/BROKEN%20ACCESS%20CONTROL%20.md |
|---|
| ユーザー | nochizplz (UID 64302) |
|---|
| 送信 | 2024年02月26日 16:43 (2 年 ago) |
|---|
| モデレーション | 2024年03月07日 17:04 (10 days later) |
|---|
| ステータス | 承諾済み |
|---|
| VulDBエントリ | 256048 [boyiddha Automated-Mess-Management-System 1.0 Setting /admin/index.php 特権昇格] |
|---|
| ポイント | 20 |
|---|