| 제목 | boyiddha Automated-Mess-Management-System 1.0 Broken Access Control |
|---|
| 설명 | The Automated-Mess-Management-System developed by boyiddha is afflicted by Broken Access Control, permitting unauthorized access to sensitive administrative functionalities. By simply logging in as a regular member and then visiting the '/admin/index.php' endpoint, users gain unfettered access to the admin dashboard, potentially compromising critical system settings. To rectify this issue, developers should implement proper access controls, ensuring that only authorized users can access administrative features. This can be achieved by employing role-based access control mechanisms and enforcing strict authentication checks on sensitive endpoints. Additionally, comprehensive security testing and code reviews should be conducted to identify and address any existing access control vulnerabilities effectively. |
|---|
| 원천 | ⚠️ https://github.com/skid-nochizplz/skid-nochizplz/blob/main/TrashBin/CVE/boyiddha%20utomated-Mess-Management-System/BROKEN%20ACCESS%20CONTROL%20.md |
|---|
| 사용자 | nochizplz (UID 64302) |
|---|
| 제출 | 2024. 02. 26. PM 04:43 (2 연령 ago) |
|---|
| 모더레이션 | 2024. 03. 07. PM 05:04 (10 days later) |
|---|
| 상태 | 수락 |
|---|
| VulDB 항목 | 256048 [boyiddha Automated-Mess-Management-System 1.0 Setting /admin/index.php 권한 상승] |
|---|
| 포인트들 | 20 |
|---|