PT-2025-4059 · Sourcecodester · Sourcecodester Best Employee Management System
Published: 2025-01-29 · Updated: 2025-08-02 · CVE-2025-0802
CVSS v3.1: 8.1 (High)
Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
Name of the Vulnerable Software and Affected Versions
SourceCodester Best Employee Management System version 1.0
Description
A critical issue was found in the Administrative Endpoint component, specifically in the file /admin/View user.php, leading to improper access controls. The attack can be launched remotely. The issue has been publicly disclosed and may be exploited.
Recommendations
SourceCodester Best Employee Management System version 1.0: Update the /admin/View user.php file to implement proper access controls, ensuring that remote attacks are mitigated. As a temporary workaround, consider restricting access to the /admin/View user.php file until the issue is resolved.
Improper Access Control
Incorrect Privilege Assignment
Affected Products
Sourcecodester Best Employee Management System