| 제목 | Unauthenticated Password Hash Disclosure vulnerability |
|---|
| 설명 | Vulnerability was found in SourceCodester Book Store Management System 1.0. An Unauthenticated Password Hash Disclosure vulnerability has been identified, which can be exploited to retrieve the password hashes of all existing user accounts.
The product(s): https://www.sourcecodester.com/php/15748/book-store-management-system-project-using-php-codeigniter-3-free-source-code.html
Affected product(s)/code base: https://www.sourcecodester.com/sites/default/files/download/oretnom23/bsms_ci.zip
Affected component(s): /bsms_ci/index.php/user/edit_user/{id} |
|---|
| 원천 | ⚠️ https://github.com/lithonn/bug-report/tree/main/vendors/oretnom23/bsms_ci/passwd-hash |
|---|
| 사용자 | leecybersec (UID 36724) |
|---|
| 제출 | 2022. 11. 30. AM 08:59 (4 연령 ago) |
|---|
| 모더레이션 | 2022. 11. 30. AM 11:20 (2 hours later) |
|---|
| 상태 | 수락 |
|---|
| VulDB 항목 | 214587 [SourceCodester Book Store Management System 1.0 edit_user 비밀번호 정보 공개] |
|---|
| 포인트들 | 20 |
|---|