Unrated severityNVD Advisory· Published Dec 31, 2024· Updated Dec 31, 2024
CodeAstro Online Food Ordering System All Users Page all_users.php access control
CVE-2024-13067
Description
A vulnerability was found in CodeAstro Online Food Ordering System 1.0 and classified as critical. This issue affects some unknown processing of the file /admin/all_users.php of the component All Users Page. The manipulation leads to improper access controls. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2= 1.0+ 1 more
- (no CPE)range: = 1.0
- (no CPE)range: 1.0
Patches
Vulnerability mechanics
References
5- github.com/shaturo1337/POCs/blob/main/Broken%20Access%20Control%20in%20Online%20Food%20Ordering%20System.mdmitreexploit
- vuldb.commitrethird-party-advisory
- codeastro.commitreproduct
- vuldb.commitresignaturepermissions-required
- vuldb.commitrevdb-entry
News mentions
0No linked articles in our index yet.