| Название | Mayuri K. Gaatitrack Courier Management System 1.0 Broken Access Control |
|---|
| Описание | A vulnerability, which was classified as high, was found in Mayuri K. Gaatitrack Courier Management System 1.0. This affects the function delete_user of the file ajax.php. The manipulation of the argument id leads to unauthorized deletion. It is possible to launch the attack remotely and without any authentication. This vulnerability allows an attacker to delete arbitrary users from the database, leading to potential service disruption. |
|---|
| Источник | ⚠️ https://github.com/zy606/Vulnerability-Report/tree/main/Gaatitrack-Unauth-Delete |
|---|
| Пользователь | Zyyyy (UID 96412) |
|---|
| Представление | 16.03.2026 10:43 (20 дни назад) |
|---|
| Модерация | 01.04.2026 15:47 (16 days later) |
|---|
| Статус | принято |
|---|
| Запись VulDB | 354664 [SourceCodester/mayuri_k Best Courier Management System 1.0 User Delete ajax.php?action=delete_user ИД эскалация привилегий] |
|---|
| Баллы | 20 |
|---|