Incorrect Access Control Vulnerability in Sourcecodester Engineers Online Portal

Incorrect Access Control Vulnerability in Sourcecodester Engineers Online Portal

CVE-2021-42671 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

An incorrect access control vulnerability exists in Sourcecodester Engineers Online Portal in PHP in nia_munoz_monitoring_system/admin/uploads. An attacker can leverage this vulnerability in order to bypass access controls and access all the files uploaded to the web server without the need of authentication or authorization.

Learn more about our Web App Pen Testing.