2 matches found
Daily Habit Tracker 1.0 - Broken Access Control Vulnerability
Exploit Title: Daily Habit Tracker 1.0 - Broken Access Control Exploit Author: Yevhenii Butenko Vendor Homepage: https://www.sourcecodester.com Software Link: https://www.sourcecodester.com/php/17118/daily-habit-tracker-using-php-and-mysql-source-code.html Version: 1.0 Tested on: Debian CVE :...
CVE-2024-24496
The issue is in Daily Habit Tracker v1.0, where home.php , add-tracker.php , delete-tracker.php , and update-tracker.php suffer from broken access control, enabling unauthenticated manipulation of trackers. A remote attacker can access/modify trackers via these components, per multiple sources (R...