| Название | PHPGurukul Pre-School Enrollment System 1.0 access control |
|---|
| Описание | There is a vertical override vulnerability in the/admin/add-subadmin.php system. In the system design, only super administrators can add sub administrators, but due to the lack of verification of user session identity in request verification. Resulting in low privileged users being able to successfully send requests to add sub administrators directly.Please refer to the following source code for details. |
|---|
| Источник | ⚠️ https://github.com/SECWG/cve/issues/3 |
|---|
| Пользователь | WenGui (UID 82184) |
|---|
| Представление | 05.03.2025 17:11 (1 Год назад) |
|---|
| Модерация | 07.03.2025 07:21 (2 days later) |
|---|
| Статус | принято |
|---|
| Запись VulDB | 298904 [PHPGurukul Pre-School Enrollment System 1.0 Sub Admin /admin/add-subadmin.php эскалация привилегий] |
|---|
| Баллы | 19 |
|---|