| 제목 | SourceCodester Free Hospital Management System for Small Practices 1.0 has a vertical privilege escalation vulnerability |
|---|
| 설명 | SourceCodester Free Hospital Management System for Small Practices 1.0 has a vertical privilege escalation vulnerability, allowing attackers to intercept redirects and gain unauthorized access to the administrative backend with system administrator privileges.The developer implemented a redirect in the permission check without using the die() or exit() functions to terminate the program execution, which resulted in vertical privilege escalation. |
|---|
| 원천 | ⚠️ https://github.com/Yesec/Free-Hospital-Management-System-for-Small-Practices/blob/main/vertical%20privilege%20escalation/vuln.md |
|---|
| 사용자 | YeSec (UID 50956) |
|---|
| 제출 | 2023. 07. 31. AM 07:27 (3 연령 ago) |
|---|
| 모더레이션 | 2023. 08. 05. PM 06:40 (5 days later) |
|---|
| 상태 | 수락 |
|---|
| VulDB 항목 | 236216 [SourceCodester Free Hospital Management System for Small Practices Redirect delete-doctor.php?id=2 권한 상승] |
|---|
| 포인트들 | 20 |
|---|