| Title | sepidz SepidzDigitalMenu 7.1.0728.1 Sensitive Data Exposure leads to Broken Access Control |
|---|---|
| Description | have identified a critical bug where sending a request to the Waiters' path exposes the entire username and clear-text passwords of users, including administrators. Through the use of Google dork intitle:"sepidzdigitalmenu", all targeted customers can be easily determined. This security vulnerability poses a significant risk to the confidentiality of user credentials and compromises the privacy of both regular users and administrators. |
| Source | ⚠️ http://menu.tircoffee.ir/Waiters |
| User | QF5252 (UID 62585) |
| Submission | 2024-01-29 01:31 PM (2 years ago) |
| Moderation | 2024-02-06 09:16 AM (8 days later) |
| Status | Accepted |
| VulDB Entry | 252994 [sepidz SepidzDigitalMenu up to 7.1.0728.1 /Waiters information disclosure] |
| Points | 17 |