| Título | a4m4 Student-Management-System--PHP- 1.0 Unauthenticated Access |
|---|
| Descripción | The `admin/deleteform.php` and `admin/updatedata.php` scripts handle crucial data manipulation tasks (student deletion and updates), yet they completely lack any form of authentication or authorisation. Neither `session_start()` nor the usual session validation code is present. The scripts immediately process the incoming HTTP request and execute SQL statements.
Example from `admin/deleteform.php` (lines 3–6):
```php
include ('../dbcon.php');
$id = $_REQUEST['sid'];
$qry = "DELETE FROM `student` WHERE `id`= '$id' ";
```
Because these endpoints are accessible to anyone who knows the path, an unauthenticated attacker can arbitrarily delete or modify student records, causing severe data integrity and availability issues. |
|---|
| Fuente | ⚠️ https://github.com/a4m4/Student-Management-System--PHP-/issues/3 |
|---|
| Usuario | oxygen (UID 97921) |
|---|
| Sumisión | 2026-05-11 06:10 (hace 26 días) |
|---|
| Moderación | 2026-05-31 16:16 (20 days later) |
|---|
| Estado | Aceptado |
|---|
| Entrada de VulDB | 367551 [a4m4 Student-Management-System hasta f0c5f6842c5e8c431ff02b5260a565ca844df3a0 admin/deleteform.php sid escalada de privilegios] |
|---|
| Puntos | 20 |
|---|