제출 #559480: Script And Tools Online-Travling-System 1.0 Broken Access Control정보

제목	Script And Tools Online-Travling-System 1.0 Broken Access Control
설명	Title of the Vulnerability: Script And Tools \| Online-Travling-System \| Broken Access Control In /admin/addpackage.php Vulnerability Class: Broken Access Control Product Name: Online-Travling-System Vendor: https://github.com/scriptandtools/ Vulnerable Product Link: https://github.com/scriptandtools/Online-Travling-System-Php Technical Details & Description: The application source code is coded in a way which allows To Access /admin/addpackage.php without Any Verification. Product & Service Introduction: Online-Travling-System Observation & Exploitation: Here,The Vulnerable File Is: /admin/addpackage.php Lets Exploit ????????️????: First,Go To The Vulnerable Location: Example: http://192.168.0.100:8080/OTS/admin/addpackage.php See,You Can Add Fraudulent Packages Without Any Login Credentials Or Logging in. So,This indicates that the /admin/addpackage.php is vulnerable to Broken Access Control As We Can Access An Administrator Feature Without Any Authorization !
원천	⚠️ https://www.websecurityinsights.my.id/2025/04/script-and-tools-online-travling-system_82.html
사용자	MaloyRoyOrko (UID 79572)
제출	2025. 04. 16. PM 02:51 (1 년도 ago)
모더레이션	2025. 04. 29. AM 07:19 (13 days later)
상태	수락
VulDB 항목	306503 [ScriptAndTools Online-Travling-System 1.0 /admin/addpackage.php 권한 상승]
포인트들	20

Interested in the pricing of exploits?

See the underground prices here!