| Título | SourceCodester Pet Grooming Management Software 1.0 Improper Authorization |
|---|
| Descrição | The application fails to enforce server-side role-based access control on financial reporting endpoints. A low-privileged authenticated user can access and view sensitive financial data, including tax reports, profit reports, invoice details, and user reports. The system does not validate user role before rendering these pages. |
|---|
| Fonte | ⚠️ https://github.com/hiranerakkot/Pet-Grooming-Software/blob/main/Vulnerability_2.md |
|---|
| Utilizador | Hiran (UID 95719) |
|---|
| Submissão | 25/02/2026 12h55 (há 2 meses) |
|---|
| Moderação | 07/03/2026 19h11 (10 days later) |
|---|
| Estado | Aceite |
|---|
| Entrada VulDB | 349716 [SourceCodester Pet Grooming Management Software 1.0 Financial Report Page Elevação de Privilégios] |
|---|
| Pontos | 18 |
|---|