| 제목 | code-projects Smart Parking System In PHP With Source Code 1.0 Improper Access Controls |
|---|
| 설명 | The Smart Parking System 1.0 by code-projects.org fails to enforce authentication on multiple admin-only endpoints. An unauthenticated remote attacker can directly access these endpoints with no session cookie and perform privileged operations including creating attendant accounts, editing and deleting parking records, and viewing all customer PII and booking data.
No credentials, no session token, and no interaction from any legitimate user is required to exploit this vulnerability. |
|---|
| 원천 | ⚠️ https://github.com/Xmyronn/smart-parking-system-broken-access.git |
|---|
| 사용자 | imad alvi (UID 97088) |
|---|
| 제출 | 2026. 05. 08. PM 11:20 (1 월 ago) |
|---|
| 모더레이션 | 2026. 05. 31. PM 12:12 (23 days later) |
|---|
| 상태 | 수락 |
|---|
| VulDB 항목 | 367521 [code-projects Smart Parking System 1.0 Admin Endpoint 약한 인증] |
|---|
| 포인트들 | 20 |
|---|