Submit #484917: CampCodes School Management Software 1.0 Insecure Direct Object Reference (IDOR)info

TitelCampCodes School Management Software 1.0 Insecure Direct Object Reference (IDOR)
BeschreibungVendor and Product Information: Vendor: CampCodes Product: School Management Software Product URL: https://www.campcodes.com/downloads/school-management-software-in-php-mysql-full-source-code/ Vulnerability Name: Insecure Direct Object Reference (IDOR) - All Student Homework Downloadable Description: The students of different classes using the application have option to upload their respective HomeWorks. However, it was observed that student and homework have unique ID’s which are sequential and guessable. It makes it easy for one student from one class to download homework done by another student of another class.
Quelle⚠️ https://github.com/KhukuriRimal/Vulnerabilities/blob/main/Insecure%20Direct%20Object%20Reference%20(IDOR)%20-%20All%20Student%20Homework%20Downloadable.pdf
Benutzer
 khukuririmal (UID 80171)
Einreichung18.01.2025 12:36 (vor 1 Jahr)
Moderieren21.01.2025 18:27 (3 days later)
StatusAkzeptiert
VulDB Eintrag292737 [CampCodes School Management Software 1.0 Attachment erweiterte Rechte]
Punkte20

Do you want to use VulDB in your project?

Use the official API to access entries easily!