إرسال #484917: CampCodes School Management Software 1.0 Insecure Direct Object Reference (IDOR)المعلومات

عنوانCampCodes School Management Software 1.0 Insecure Direct Object Reference (IDOR)
الوصفVendor and Product Information: Vendor: CampCodes Product: School Management Software Product URL: https://www.campcodes.com/downloads/school-management-software-in-php-mysql-full-source-code/ Vulnerability Name: Insecure Direct Object Reference (IDOR) - All Student Homework Downloadable Description: The students of different classes using the application have option to upload their respective HomeWorks. However, it was observed that student and homework have unique ID’s which are sequential and guessable. It makes it easy for one student from one class to download homework done by another student of another class.
المصدر⚠️ https://github.com/KhukuriRimal/Vulnerabilities/blob/main/Insecure%20Direct%20Object%20Reference%20(IDOR)%20-%20All%20Student%20Homework%20Downloadable.pdf
المستخدم
 khukuririmal (UID 80171)
ارسال18/01/2025 12:36 PM (1 سنة منذ)
الاعتدال21/01/2025 06:27 PM (3 days later)
الحالةتمت الموافقة
إدخال VulDB292737 [CampCodes School Management Software 1.0 Attachment تجاوز الصلاحيات]
النقاط20

Do you need the next level of professionalism?

Upgrade your account now!