Описание
An IDOR vulnerability in the manage-notes.php module in PHPGurukul Online Notes Sharing Management System v1.0 allows unauthorized users to delete notes belonging to other accounts due to missing authorization checks. This flaw enables attackers to delete another user's information.
Ссылки
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:phpgurukul:online_notes_sharing_management_system:1.0:*:*:*:*:*:*:*
EPSS
Процентиль: 17%
0.00054
Низкий
5.4 Medium
CVSS3
Дефекты
CWE-290
Связанные уязвимости
CVSS3: 5.4
github
около 1 года назад
An IDOR vulnerability in the manage-notes.php module in PHPGurukul Online Notes Sharing Management System v1.0 allows unauthorized users to delete notes belonging to other accounts due to missing authorization checks. This flaw enables attackers to delete another user's information.
EPSS
Процентиль: 17%
0.00054
Низкий
5.4 Medium
CVSS3
Дефекты
CWE-290