Access Control Vulnerability in Ingredient Stock Management System v1.0 Allows Account Takeover via Crafted POST Request

Access Control Vulnerability in Ingredient Stock Management System v1.0 Allows Account Takeover via Crafted POST Request

CVE-2022-32310 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

An access control issue in Ingredient Stock Management System v1.0 allows attackers to take over user accounts via a crafted POST request to /isms/classes/Users.php.

Learn more about our User Device Pen Test.