| Título | https://github.com/pbrong/hrms hrms 1.0.1 Unauthorized bypass access |
|---|
| Descrição | pbrong/hrms There is an unauthorized access to user information vulnerability in HRms-1.0.1 \resource\resource.go file.The vulnerability is due to the flaw in the system's permission verification during database query, which causes the attacker to bypass the permission verification by constructing cookies to obtain user information.
Official website: https://github.com/pbrong/hrms/releases/tag/1.0.1
Vulnerability details: https://github.com/A7cc/cve/issues/4
|
|---|
| Fonte | ⚠️ https://github.com/A7cc/cve/issues/4 |
|---|
| Utilizador | a7cc (UID 81317) |
|---|
| Submissão | 25/02/2025 06h59 (há 1 Ano) |
|---|
| Moderação | 01/03/2025 14h59 (4 days later) |
|---|
| Estado | Aceite |
|---|
| Entrada VulDB | 298083 [pbrong hrms até 1.0.1 \resource\resource.go HrmsDB user_cookie Elevação de Privilégios] |
|---|
| Pontos | 20 |
|---|