| 제목 | Mayuri K. Gaatitrack Courier Management System 1.0 Broken Access Control |
|---|
| 설명 | A vulnerability, which was classified as high, was found in Mayuri K. Gaatitrack Courier Management System 1.0. This affects the function delete_user of the file ajax.php. The manipulation of the argument id leads to unauthorized deletion. It is possible to launch the attack remotely and without any authentication. This vulnerability allows an attacker to delete arbitrary users from the database, leading to potential service disruption. |
|---|
| 원천 | ⚠️ https://github.com/zy606/Vulnerability-Report/tree/main/Gaatitrack-Unauth-Delete |
|---|
| 사용자 | Zyyyy (UID 96412) |
|---|
| 제출 | 2026. 03. 16. AM 10:43 (21 날 ago) |
|---|
| 모더레이션 | 2026. 04. 01. PM 03:47 (16 days later) |
|---|
| 상태 | 수락 |
|---|
| VulDB 항목 | 354664 [SourceCodester/mayuri_k Best Courier Management System 1.0 User Delete ajax.php?action=delete_user 아이디 권한 상승] |
|---|
| 포인트들 | 20 |
|---|