5 matches found
CVE-2024-50647
The pythonfood ordering system V1.0 has an unauthorized vulnerability that leads to the leakage of sensitive user information. Attackers can access it through https://ip:port/api/myapp/index/user/info?id=1 And modify the ID value to obtain sensitive user information beyond authorization...
python_food 安全漏洞
pythonfood is a takeout ordering website by Tim Green, a personal developer. A security vulnerability exists in pythonfood version V1.0. An attacker can exploit the vulnerability to gain access to sensitive information...
CVE-2024-50647
The pythonfood ordering system V1.0 has an unauthorized vulnerability that leads to the leakage of sensitive user information. Attackers can access it through https://ip:port/api/myapp/index/user/info?id=1 And modify the ID value to obtain sensitive user information beyond authorization...
CVE-2024-50647
The pythonfood ordering system V1.0 has an unauthorized vulnerability that leads to the leakage of sensitive user information. Attackers can access it through https://ip:port/api/myapp/index/user/info?id=1 And modify the ID value to obtain sensitive user information beyond authorization...
CVE-2024-50647
The CVE-2024-50647 entry concerns the python_food ordering system V1.0, where an unauthorized access flaw affects the /api/myapp/index/user/info endpoint. The root cause appears to be missing authorization checks, allowing an attacker to modify the id parameter (id=1) to enumerate or access sensi...