| Название | SourceCodester Alumni Management System 1.0 Missing Authorization |
|---|
| Описание | This report describes a critical authorization bypass vulnerability in Alumni Management System version 1.0 developed by SourceCodester. The vulnerability allows any authenticated user to delete content owned by other users without proper authorization checks, leading to unauthorized data destruction and denial of service.
|
|---|
| Источник | ⚠️ https://hackmd.io/@mlgzackfly/SourceCodester |
|---|
| Пользователь | mlgzackfly (UID 92073) |
|---|
| Представление | 13.11.2025 14:04 (7 месяцы назад) |
|---|
| Модерация | 20.11.2025 07:58 (7 days later) |
|---|
| Статус | принято |
|---|
| Запись VulDB | 333041 [SourceCodester Alumni Management System 1.0 Delete admin/admin_class.php ИД эскалация привилегий] |
|---|
| Баллы | 18 |
|---|