Vehicle Service Management System – ‘Multiple’ Privilege Escalation Leads to CRUD Operations

CVE-2021-46075

Exploit Title: Vehicle Service Management System – ‘Multiple’ Privilege Escalation Leads to CRUD Operations
Exploit Author: P.L.Sanu
CVE: CVE-2021-46075
CVSS: 7.2 HIGH

References:
https://www.plsanu.com/vehicle-service-management-system-multiple-privilege-escalation-leads-to-crud-operations
https://nvd.nist.gov/vuln/detail/CVE-2021-46075
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46075

Description:
A Privilege Escalation vulnerability exists in Sourcecodester Vehicle Service Management System 1.0. Staff account users can access the admin resources and perform CRUD Operations.

1. Vehicle Service Management System – ‘User List’ (/admin/?page=user/list) (/admin/?page=user/manage_user)

Exploit:
1. …