CVE-2023-6773 | CodeAstro POS and Inventory Management System 1.0 User Creation register_account account_type access control

Inserito da Angelo Barbosa | Dic 13, 2023 | CVE

A vulnerability has been found in CodeAstro POS and Inventory Management System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /accounts_con/register_account of the component User Creation Handler. The manipulation of the argument account_type with the input Admin leads to improper access controls.

This vulnerability is known as CVE-2023-6773. The attack can be launched remotely. Furthermore, there is an exploit available.

CVE-2023-6773 | CodeAstro POS and Inventory Management System 1.0 User Creation register_account account_type access control

Post correlati

CVE-2023-49231 | Stilog Visual Planning 8 Administrative API Token improper authentication

CVE-2024-42581 | Warehouse Inventory System 2.0 delete_group.php cross-site request forgery

CVE-2024-3734 | FOX Plugin up to 1.4.1.8 on WordPress Shortcode Remote Code Execution

CVE-2023-47526 | Chartify Plugin up to 2.0.6 on WordPress cross site scripting