| タイトル | Mayuri K. Gaatitrack Courier Management System 1.0 Broken Access Control |
|---|
| 説明 | A vulnerability, which was classified as high, was found in Mayuri K. Gaatitrack Courier Management System 1.0. This affects the function delete_user of the file ajax.php. The manipulation of the argument id leads to unauthorized deletion. It is possible to launch the attack remotely and without any authentication. This vulnerability allows an attacker to delete arbitrary users from the database, leading to potential service disruption. |
|---|
| ソース | ⚠️ https://github.com/zy606/Vulnerability-Report/tree/main/Gaatitrack-Unauth-Delete |
|---|
| ユーザー | Zyyyy (UID 96412) |
|---|
| 送信 | 2026年03月16日 10:43 (22 日 ago) |
|---|
| モデレーション | 2026年04月01日 15:47 (16 days later) |
|---|
| ステータス | 承諾済み |
|---|
| VulDBエントリ | 354664 [SourceCodester/mayuri_k Best Courier Management System 1.0 User Delete ajax.php?action=delete_user 識別子 特権昇格] |
|---|
| ポイント | 20 |
|---|