| 제목 | SourceCodester Pet Grooming Management Software 1.0 Improper Authorization |
|---|
| 설명 | The application does not enforce proper server-side role validation on the add_user.php endpoint. A low-privileged authenticated user can directly access the user creation page and successfully create new standard user accounts. The system fails to verify whether the authenticated session has administrative privileges before processing the request. Although administrator accounts cannot be created, unauthorized user creation is still permitted. |
|---|
| 원천 | ⚠️ https://github.com/hiranerakkot/Pet-Grooming-Software/blob/main/Vulnerability_1.md |
|---|
| 사용자 | Hiran (UID 95719) |
|---|
| 제출 | 2026. 02. 25. PM 12:52 (2 개월 ago) |
|---|
| 모더레이션 | 2026. 03. 07. PM 07:11 (10 days later) |
|---|
| 상태 | 수락 |
|---|
| VulDB 항목 | 349715 [SourceCodester Pet Grooming Management Software 1.0 User Creation add_user.php 권한 상승] |
|---|
| 포인트들 | 20 |
|---|