Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Sourcecodester Online Medicine Ordering System 1.0 is vulnerable to Incorrect Access Control. There is a lack of authorization checks for admin operations. Specifically, an attacker can perform admin-level actions without possessing a valid session token. The application does not verify whether the user is logged in as an admin or even check for a session token at all.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Online Medicine Ordering System 安全漏洞
Vulnerability Description
Online Medicine Ordering System是Carlo Montero个人开发者的一个网上订药系统。 Online Medicine Ordering System 1.0版本存在安全漏洞,该漏洞源于缺乏对管理员操作的授权检查,容易受到错误访问控制攻击,攻击者可以在不拥有有效会话令牌的情况下执行管理员级别的操作。
CVSS Information
N/A
Vulnerability Type
N/A