Submeter #449698: sourcecodester Best Courier Management System Project in PHP v1.0 Unauthorized Tenant Additioninformação

Títulosourcecodester Best Courier Management System Project in PHP v1.0 Unauthorized Tenant Addition
DescriçãoAn anonymous user can exploit the Unauthorized Tenant Addition vulnerability by sending a POST request to /rental/ajax.php?action=save_tenant. The lack of authentication and authorization checks enables attackers to insert arbitrary tenant data into the database.
Fonte⚠️ https://github.com/YasserREED/YasserREED-CVEs/blob/main/Best%20house%20rental%20management%20system%20project%20in%20php/Unauthorized%20Tenant%20Deletion.md
Utilizador
 Anonymous User
Submissão21/11/2024 23h25 (há 1 Ano)
Moderação28/11/2024 10h07 (6 days later)
EstadoDuplicado
Entrada VulDB286245 [SourceCodester Best House Rental Management System 1.0 POST Request ajax.php?action=delete_tenant ID Elevação de Privilégios]
Pontos0

VoltarVisão GeralPróximo

Do you want to use VulDB in your project?

Use the official API to access entries easily!