CV1523/CVEs

Releases0

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2024-55506 ↗	Dec 18, 2024Wednesday, 18 December 2024, 23:15	8.8 HIGH	—
An IDOR vulnerability in CodeAstro's Complaint Management System v1.0 (version with 0 updates) enables an attacker to execute arbitrary code and obtain sensitive information via the delete.php file and modifying the id parameter.
CVE-2024-55231 ↗	Dec 18, 2024Wednesday, 18 December 2024, 22:15	4.3 MEDIUM	—
An IDOR vulnerability in the edit-notes.php module of PHPGurukul Online Notes Sharing Management System v1.0 allows unauthorized users to modify notes belonging to other accounts due to missing authorization checks. This flaw exposes sensitive data and enables attackers to alter another user's information.
CVE-2024-55232 ↗	Dec 18, 2024Wednesday, 18 December 2024, 22:15	5.4 MEDIUM	—
An IDOR vulnerability in the manage-notes.php module in PHPGurukul Online Notes Sharing Management System v1.0 allows unauthorized users to delete notes belonging to other accounts due to missing authorization checks. This flaw enables attackers to delete another user's information.
CVE-2024-55505 ↗	Dec 18, 2024Wednesday, 18 December 2024, 22:15	8.8 HIGH	—
An issue in CodeAstro Complaint Management System v.1.0 allows a remote attacker to escalate privileges via the mess-view.php component.