Submission #487618: CampCodes School Management Software 1.0 Improper Privilege Management (Info)

Title: CampCodes School Management Software 1.0 Improper Privilege Management

Description:
Vendor and Product Information:
Vendor: CampCodes
Product: School Management Software
Product URL: https://www.campcodes.com/downloads/school-management-software-in-php-mysql-full-source-code/
Vulnerability Name: Sensitive Super Admin Data Exposure and Unauthorized Data Update via IDOR (Teacher Role to Super Admin Role)
Description: It was observed that, via IDOR, a teacher can fetch the details of the Super Admin, which include the admin's sensitive Bank Account Details, Email ID, profile picture, Name Details, etc. The teacher can further update the Super Admin's account details, such as Bank Account Details, Email ID, profile picture, name, etc. This is a serious issue, as a lower-privilege user can manipulate and make modifications to the super admin's profile data.

Source: ⚠️ https://github.com/KhukuriRimal/Vulnerabilities/blob/main/Sensitive%20Super%20Admin%20Data%20Exposure%20and%20Unauthorized%20Data%20Update%20via%20IDOR%20(Teacher%20Role%20to%20Super%20Admin%20Role).pdf
User: khukuririmal (UID 80171)
Submitted: 2025. 01. 22. PM 06:01 (1 year ago)
Moderation: 2025. 01. 29. PM 06:12 (7 days later)
Status: Accepted
VulDB Entry: 294012 [CampCodes School Management Software 1.0 Staff /edit-staff/ privilege escalation]
Points: 20
