General users can modify the administrator password and account infomation vulnerability .
for example:
The account test123 can chanage the admin password!!!
step 1:
log in test123:
Step 2:
edit Any non-administrator account:
Step 3:
Save the chanage:
Then Intercept the packets and chanage the "id" and "fuel_id" value 1
Success :
Step 4:
log in admin use new password :
The text was updated successfully, but these errors were encountered:
General users can modify the administrator password and account infomation vulnerability .










for example:
The account test123 can chanage the admin password!!!
step 1:
log in test123:
Step 2:
edit Any non-administrator account:
Step 3:
Save the chanage:
Then Intercept the packets and chanage the "id" and "fuel_id" value 1
Success :
Step 4:
log in admin use new password :
The text was updated successfully, but these errors were encountered: