| Title | SourceCodester Alumni Management System 1.0 Missing Authorization |
|---|
| Description | This report describes a critical authorization bypass vulnerability in Alumni Management System version 1.0 developed by SourceCodester. The vulnerability allows any authenticated user to delete content owned by other users without proper authorization checks, leading to unauthorized data destruction and denial of service.
|
|---|
| Source | ⚠️ https://hackmd.io/@mlgzackfly/SourceCodester |
|---|
| User | mlgzackfly (UID 92073) |
|---|
| Submission | 11/13/2025 14:04 (7 months ago) |
|---|
| Moderation | 11/20/2025 07:58 (7 days later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 333041 [SourceCodester Alumni Management System 1.0 Delete admin/admin_class.php ID authorization] |
|---|
| Points | 18 |
|---|