Gửi #449698: sourcecodester Best Courier Management System Project in PHP v1.0 Unauthorized Tenant Additionthông tin

tiêu đềsourcecodester Best Courier Management System Project in PHP v1.0 Unauthorized Tenant Addition
Mô tảAn anonymous user can exploit the Unauthorized Tenant Addition vulnerability by sending a POST request to /rental/ajax.php?action=save_tenant. The lack of authentication and authorization checks enables attackers to insert arbitrary tenant data into the database.
Nguồn⚠️ https://github.com/YasserREED/YasserREED-CVEs/blob/main/Best%20house%20rental%20management%20system%20project%20in%20php/Unauthorized%20Tenant%20Deletion.md
Người dùng
 Anonymous User
Đệ trình21/11/2024 23:25 (cách đây 1 Năm)
Kiểm duyệt28/11/2024 10:07 (6 days later)
Trạng tháiBản sao
Mục VulDB286245 [SourceCodester Best House Rental Management System 1.0 POST Request ajax.php?action=delete_tenant ID nâng cao đặc quyền]
điểm0

Do you want to use VulDB in your project?

Use the official API to access entries easily!