CyberSec.Space Logo
返回 CVE 瀏覽器

CVE-2021-35337

MEDIUM
4.3
CVSS Severity Score
EPSS Score0.0280%
EPSS Percentile39.16th
Published2021年7月1日
Last Modified2024年11月21日

Vulnerability Description

Sourcecodester Phone Shop Sales Managements System 1.0 is vulnerable to Insecure Direct Object Reference (IDOR). Any attacker will be able to see the invoices of different users by changing the id parameter.

Affected Platforms (CPE)

📦
Phone Shop Sales Management System Project

Phone Shop Sales Management System

= 1.0

References & Advisories

🔗 https://www.exploit-db.com/exploits/50050
🔗 https://www.exploit-db.com/exploits/50050

相關漏洞威脅

CVE-2021-366239.8

Arbitrary File Upload in Sourcecodester Phone Shop Sales Management System 1.0 enables RCE.

CVE-2021-366249.8

Sourcecodester Phone Shop Sales Managements System version 1.0 suffers from a remote SQL injection vulnerability that allows for a...

CVE-2021-365609.8

Phone Shop Sales Managements System using PHP with Source Code 1.0 is vulnerable to authentication bypass which leads to account t...

CVE-2021-024810.0

This issue is not applicable to NFX NextGen Software. On NFX Series devices the use of Hard-coded Credentials in Juniper Networks ...