| タイトル | SourceCodester Book Store Management System has Broken Access Control |
|---|
| 説明 | Description: Vulnerability was found in SourceCodester Book Store Management System 1.0. This vulnerability allows a remote attacker to access all URLs without logging in and use all actions like account management page.
The product(s): https://www.sourcecodester.com/php/15748/book-store-management-system-project-using-php-codeigniter-3-free-source-code.html
Affected product(s)/code base: https://www.sourcecodester.com/sites/default/files/download/oretnom23/bsms_ci.zip
Affected component(s):
/bsms_ci/index.php/category/*
/bsms_ci/index.php/book/*
/bsms_ci/index.php/transaction/*
/bsms_ci/index.php/history/*
/bsms_ci/index.php/user/* |
|---|
| ソース | ⚠️ https://github.com/lithonn/bug-report/tree/main/vendors/oretnom23/bsms_ci/broken-access-control |
|---|
| ユーザー | leecybersec (UID 36724) |
|---|
| 送信 | 2022年11月30日 09:01 (4 年 ago) |
|---|
| モデレーション | 2022年11月30日 11:40 (3 hours later) |
|---|
| ステータス | 承諾済み |
|---|
| VulDBエントリ | 214588 [SourceCodester Book Store Management System 1.0 /bsms_ci/index.php 特権昇格] |
|---|
| ポイント | 20 |
|---|