mCarFix Motorists App Improper Access Control Vulnerability Allowing Account Misuse and Privacy Breaches

Vulnerability

A vulnerability in the mCarFix Motorists App, version 2.3, developed by Paniel Mwaura, has been identified. This vulnerability involves improper access control, allowing attackers to bypass verification processes to register accounts arbitrarily. Additionally, by manipulating sequential numeric IDs, attackers could gain unauthorized access to user data and groups. Exploiting this vulnerability could lead to the creation of fake accounts, breaches of privacy, and misuse of the platform.

Impact

Exploitation of this vulnerability could result in unauthorized account creation, access to sensitive user data and groups, and potential misuse of the mCarFix platform.

Added: Oct 30, 2025, 4:18 PM
Updated: Oct 30, 2025, 9:32 PM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 5.0
exploitability: 6.2
remediation: 0.0
relevance: 0.9
threat: 0.0
urgency: 2.9
incentive: 0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.