CVE-2023-49543

CRITICAL

Book Store Management System v1 - Unauthenticated Improper Access Control

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2023-49543. PoCs published by geraldoalcantara.

AI-analyzed exploit summary The repository provides a detailed description of an incorrect access control vulnerability in Book Store Management System v1.0, allowing unauthenticated users to perform administrative actions. It includes steps to reproduce the issue but lacks functional exploit code.

Description

Incorrect access control in Book Store Management System v1 allows attackers to access unauthorized pages and execute administrative functions without authenticating.

Exploits (1)

nomisec WRITEUP
by geraldoalcantara · poc
https://github.com/geraldoalcantara/CVE-2023-49543

The repository provides a detailed description of an incorrect access control vulnerability in Book Store Management System v1.0, allowing unauthenticated users to perform administrative actions. It includes steps to reproduce the issue but lacks functional exploit code.

Classification
Writeup 90%
Attack Type
Auth Bypass
Complexity
Trivial
Reliability
Reliable
Target: Book Store Management System v1.0
No auth needed
Prerequisites: Access to the vulnerable application
devstral-2 · analyzed Feb 18, 2026 Full analysis →

References (3)

Core 3

Scores

CVSS v3 9.8
EPSS 0.0096
EPSS Percentile 57.0%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation poc
Automatable yes
Technical Impact total

Details

CWE
CWE-284
Status published
Products (1)
book_store_management_system_project/book_store_management_system 1.0
Published Mar 01, 2024
Tracked Since Feb 18, 2026