Описание
PHPGurukul Blood Donor Management System 1.0 does not properly restrict access to admin/dashboard.php, which allows attackers to access all data of users, delete the users, add and manage Blood Group, and Submit Report.
Ссылки
- ExploitThird Party Advisory
- ExploitThird Party Advisory
- Broken Link
- Product
- ExploitThird Party Advisory
- ExploitThird Party Advisory
- Broken Link
- Product
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:phpgurukul_blood_donor_management_system_project:phpgurukul_blood_donor_management_system:1.0:*:*:*:*:*:*:*
EPSS
Процентиль: 92%
0.07464
Низкий
8.1 High
CVSS3
Дефекты
CWE-668
CWE-668
Связанные уязвимости
CVSS3: 8.1
github
около 3 лет назад
PHPGurukul Blood Donor Management System 1.0 does not properly restrict access to admin/dashboard.php, which allows attackers to access all data of users, delete the users, add and manage Blood Group, and Submit Report.
EPSS
Процентиль: 92%
0.07464
Низкий
8.1 High
CVSS3
Дефекты
CWE-668
CWE-668