| タイトル | Unauthenticated Password Hash Disclosure vulnerability |
|---|
| 説明 | Vulnerability was found in SourceCodester Book Store Management System 1.0. An Unauthenticated Password Hash Disclosure vulnerability has been identified, which can be exploited to retrieve the password hashes of all existing user accounts.
The product(s): https://www.sourcecodester.com/php/15748/book-store-management-system-project-using-php-codeigniter-3-free-source-code.html
Affected product(s)/code base: https://www.sourcecodester.com/sites/default/files/download/oretnom23/bsms_ci.zip
Affected component(s): /bsms_ci/index.php/user/edit_user/{id} |
|---|
| ソース | ⚠️ https://github.com/lithonn/bug-report/tree/main/vendors/oretnom23/bsms_ci/passwd-hash |
|---|
| ユーザー | leecybersec (UID 36724) |
|---|
| 送信 | 2022年11月30日 08:59 (4 年 ago) |
|---|
| モデレーション | 2022年11月30日 11:20 (2 hours later) |
|---|
| ステータス | 承諾済み |
|---|
| VulDBエントリ | 214587 [SourceCodester Book Store Management System 1.0 edit_user パスワード 情報漏えい] |
|---|
| ポイント | 20 |
|---|