| Title | https://github.com/zhanghuanhao/LibrarySystem LibrarySystem v1.1.1 Improper Access Control |
|---|
| Description | The library management system has an unauthorized access vulnerability, allowing unauthorized access to the administrator's backend.Attackers can access the management backend without logging in and perform CRUD operations on the system.Accessing /admin_books.html without logging in successfully logs into the management system, allowing users to perform CRUD operations. |
|---|
| Source | ⚠️ https://github.com/zhanghuanhao/LibrarySystem/issues/32 |
|---|
| User | Jszdk (UID 95030) |
|---|
| Submission | 01/31/2026 18:37 (3 months ago) |
|---|
| Moderation | 02/15/2026 17:06 (15 days later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 346158 [zhanghuanhao LibrarySystem 图书馆管理系统 up to 1.1.1 BookController.java access control] |
|---|
| Points | 19 |
|---|