| Título | student-management-system resetPassword.php user password reset |
|---|
| Descrição | The step of modifying the password was not verified, resulting in the ability to directly enter the website where the final password was modified, directly redirect to the page, and then enter a new password to reset the password, resulting in a everybody password reset student-management-system does not filter the content correctly at the "resetPassword.php" sid module, resulting in anyone password reset. |
|---|
| Fonte | ⚠️ https://github.com/Xor-Gerke/webray.com.cn/blob/main/cve/student-management-system/password_reset.md |
|---|
| Utilizador | webray.com.cn (UID 24778) |
|---|
| Submissão | 31/05/2023 11h57 (há 3 anos) |
|---|
| Moderação | 31/05/2023 13h01 (1 hour later) |
|---|
| Estado | Aceite |
|---|
| Entrada VulDB | 230354 [ningzichun Student Management System 1.0 Password Reset resetPassword.php sid Elevação de Privilégios] |
|---|
| Pontos | 19 |
|---|