National Cyber Warfare Foundation (NCWF) Forums


CVE-2023-46449 (inventory_management_system)
0 user ratings		2023-10-30 16:11:50
milo
CVEs
 - archive -- 
Sourcecodester Free and Open Source inventory management system v1.0 is vulnerable to Incorrect Access Control. An arbitrary user can change the password of another user and takeover the account via IDOR in the password change function.

CVE-2023-46449 (inventory_management_system)
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-46449
Sourcecodester Free and Open Source inventory management system v1.0 is vulnerable to Incorrect Access Control. An arbitrary user can change the password of another user and takeover the account via IDOR in the password change function.
2023-10-26T15:15:09Z

Source: CVEAnnouncements
Source Link: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-46449

Comments
new comment
Nobody has commented yet. Will you be the first?
  
Forum
CVEs


Copyright 2012 through 2024 - National Cyber Warfare Foundation - All rights reserved worldwide.