提交 #189029: SourceCodester Free Hospital Management System for Small Practices 1.0 has a vertical privilege escalation vulnerability信息

标题SourceCodester Free Hospital Management System for Small Practices 1.0 has a vertical privilege escalation vulnerability
描述SourceCodester Free Hospital Management System for Small Practices 1.0 has a vertical privilege escalation vulnerability, allowing attackers to intercept redirects and gain unauthorized access to the administrative backend with system administrator privileges.The developer implemented a redirect in the permission check without using the die() or exit() functions to terminate the program execution, which resulted in vertical privilege escalation.
来源⚠️ https://github.com/Yesec/Free-Hospital-Management-System-for-Small-Practices/blob/main/vertical%20privilege%20escalation/vuln.md
用户
 YeSec (UID 50956)
提交2023-07-31 07時27分 (3 年前)
管理2023-08-05 18時40分 (5 days later)
状态已接受
VulDB条目236216 [SourceCodester Free Hospital Management System for Small Practices Redirect delete-doctor.php?id=2 权限提升]
积分20

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!