| 제목 | SourceCodester Pet Grooming Management Software 1.0 Improper Authorization |
|---|
| 설명 | The application fails to enforce server-side role-based access control on financial reporting endpoints. A low-privileged authenticated user can access and view sensitive financial data, including tax reports, profit reports, invoice details, and user reports. The system does not validate user role before rendering these pages. |
|---|
| 원천 | ⚠️ https://github.com/hiranerakkot/Pet-Grooming-Software/blob/main/Vulnerability_2.md |
|---|
| 사용자 | Hiran (UID 95719) |
|---|
| 제출 | 2026. 02. 25. PM 12:55 (2 개월 ago) |
|---|
| 모더레이션 | 2026. 03. 07. PM 07:11 (10 days later) |
|---|
| 상태 | 수락 |
|---|
| VulDB 항목 | 349716 [SourceCodester Pet Grooming Management Software 1.0 Financial Report Page 권한 상승] |
|---|
| 포인트들 | 18 |
|---|