| Название | https://github.com/zhanghuanhao/LibrarySystem LibrarySystem v1.1.1 Improper Access Control |
|---|
| Описание | The library management system has an unauthorized access vulnerability, allowing unauthorized access to the administrator's backend.Attackers can access the management backend without logging in and perform CRUD operations on the system.Accessing /admin_books.html without logging in successfully logs into the management system, allowing users to perform CRUD operations. |
|---|
| Источник | ⚠️ https://github.com/zhanghuanhao/LibrarySystem/issues/32 |
|---|
| Пользователь | Jszdk (UID 95030) |
|---|
| Представление | 31.01.2026 18:37 (3 месяцы назад) |
|---|
| Модерация | 15.02.2026 17:06 (15 days later) |
|---|
| Статус | принято |
|---|
| Запись VulDB | 346158 [zhanghuanhao LibrarySystem 图书馆管理系统 до 1.1.1 BookController.java эскалация привилегий] |
|---|
| Баллы | 19 |
|---|