| Title | crmeb CRMEB-KY v5.6.1 Low permission users can reset administrator password |
|---|
| Description | As you can see from the code, the save method receives a $id and a $data array containing the new data. It first gets administrator information from the database based on $id, and then, if the pwd field is included in $data, it updates the administrator's password. This code itself does not check whether the current operator has permission to modify the target user ($id) |
|---|
| Source | ⚠️ https://github.com/August829/Yu/blob/main/58ead8e7e08bfb013.md |
|---|
| User | Yu Bao (UID 88956) |
|---|
| Submission | 08/30/2025 06:12 (8 months ago) |
|---|
| Moderation | 09/13/2025 11:46 (14 days later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 323824 [CRMEB up to 5.6.1 Administrator Password SystemAdminServices.php save ID improper authorization] |
|---|
| Points | 19 |
|---|