| Field | Value |
|---|---|
| Title | sayan365 student-management-system 1.0 Unauthenticated Access |
| Description | The project enforces login checks only on `index.php`, `add_*`, and `view_*` pages. However, multiple critical **edit** and **delete** endpoints lack any session validation. Files like `edit_student.php` do not call `session_start()` and never check for `$_SESSION['username']`. As a result, an unauthenticated attacker can directly access these pages, read existing data, submit modifications, or trigger deletion actions without ever logging in. An excerpt from `edit_student.php` is shown below the table. |
| Source | https://github.com/sayan365/student-management-system/issues/2 |
| User | guobei (UID 97647) |
| Submission | 05/14/2026 09:26 (27 days ago) |
| Moderation | 06/03/2026 07:36 (20 days later) |
| Status | Duplicate |
| VulDB entry | 367927 [sayan365 student-management-system up to 7f3c9ce7d410332335c2affac93a385485051800 improper authentication] |
| Points | 0 |

Example from `edit_student.php`:

```php
<?php
include 'db.php';
if (isset($_GET['id'])) {
    // no session check at all
    ...
    if ($_SERVER['REQUEST_METHOD'] === 'POST') {
        // update logic
    }
}
```
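The fix the report implies is a single login guard that runs before any page logic, included by every edit and delete endpoint. The following is an added example, not code from the project or the issue; the helper file `auth.php`, the function `require_login()` and the redirect target `login.php` are assumptions, while `$_SESSION['username']` and `db.php` are the names the report uses.

```php
<?php
// auth.php (hypothetical helper, not part of the project).
// Every protected page must call require_login() before touching $_GET,
// $_POST or the database, so unauthenticated requests never reach the
// read/update/delete logic.
function require_login(): void
{
    if (session_status() === PHP_SESSION_NONE) {
        session_start();
    }
    if (empty($_SESSION['username'])) {
        // Not logged in: redirect to the login page (assumed name) and stop.
        // exit is essential; without it the rest of the page would still run.
        header('Location: login.php', true, 302);
        exit;
    }
}

// ---------------------------------------------------------------------
// edit_student.php, hardened form. The guard comes first; the project's
// own query and update code (elided on the page) is unchanged below it.
// ---------------------------------------------------------------------
require_once 'auth.php';
require_login();
include 'db.php';

if (isset($_GET['id'])) {
    $id = (int) $_GET['id'];
    // ... load the student record for $id (project code) ...
    if ($_SERVER['REQUEST_METHOD'] === 'POST') {
        // ... update logic (project code), now reachable only by a logged-in user ...
    }
}
```

After the change, an unauthenticated request to `edit_student.php` or a `delete_*` page should answer with a 302 to `login.php` and an empty body rather than the form; the same `require_login()` call belongs at the top of every `edit_*` and `delete_*` file, not only this one.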