| 제목 | student-management-system resetPassword.php user password reset |
|---|
| 설명 | The step of modifying the password was not verified, resulting in the ability to directly enter the website where the final password was modified, directly redirect to the page, and then enter a new password to reset the password, resulting in a everybody password reset student-management-system does not filter the content correctly at the "resetPassword.php" sid module, resulting in anyone password reset. |
|---|
| 원천 | ⚠️ https://github.com/Xor-Gerke/webray.com.cn/blob/main/cve/student-management-system/password_reset.md |
|---|
| 사용자 | webray.com.cn (UID 24778) |
|---|
| 제출 | 2023. 05. 31. AM 11:57 (3 연령 ago) |
|---|
| 모더레이션 | 2023. 05. 31. PM 01:01 (1 hour later) |
|---|
| 상태 | 수락 |
|---|
| VulDB 항목 | 230354 [ningzichun Student Management System 1.0 Password Reset resetPassword.php sid 권한 상승] |
|---|
| 포인트들 | 19 |
|---|