| 제목 | haxxorsid stock-management-system 1.0 Improper Access Controls |
|---|
| 설명 | haxxorsid/stock-management-system is an application developed based on MVC pattern, but the application only sets the permission control mechanism in the view layer, and does not set the permission control in the controller layer. As a result, unauthorized users can directly access controller's interface through apis to obtain sensitive application information or perform sensitive operations. |
|---|
| 원천 | ⚠️ https://github.com/ixpqxi/CVE_LIST/blob/master/stock_management_system/access_control_vulnerability.md |
|---|
| 사용자 | ixpqxi (UID 83247) |
|---|
| 제출 | 2025. 12. 01. AM 03:57 (6 개월 ago) |
|---|
| 모더레이션 | 2025. 12. 12. PM 12:14 (11 days later) |
|---|
| 상태 | 수락 |
|---|
| VulDB 항목 | 336191 [haxxorsid Stock-Management-System 까지 fbbbf213e9c93b87183a3891f77e3cc7095f22b0 /api/employees 약한 인증] |
|---|
| 포인트들 | 19 |
|---|