A Broken Access Control vulnerability was found in /admin/update.php and /admin/dashboard.php in Kashipara Online Exam System v1.0, which allows remote unauthenticated attackers to view administrator dashboard and delete valid user accounts via the direct URL access.
Metrics
Affected Vendors & Products
References
History
Wed, 21 Aug 2024 21:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Kashipara
Kashipara online Exam System |
|
Weaknesses | CWE-284 | |
CPEs | cpe:2.3:a:kashipara:online_exam_system:1.0:*:*:*:*:*:*:* | |
Vendors & Products |
Kashipara
Kashipara online Exam System |
|
Metrics |
ssvc
|
Thu, 15 Aug 2024 14:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Jayesh
Jayesh online Exam System |
|
Weaknesses | NVD-CWE-Other | |
CPEs | cpe:2.3:a:jayesh:online_exam_system:1.0:*:*:*:*:*:*:* | |
Vendors & Products |
Jayesh
Jayesh online Exam System |
|
Metrics |
cvssV3_1
|
Fri, 09 Aug 2024 16:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | A Broken Access Control vulnerability was found in /admin/update.php and /admin/dashboard.php in Kashipara Online Exam System v1.0, which allows remote unauthenticated attackers to view administrator dashboard and delete valid user accounts via the direct URL access. | |
References |
|
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2024-08-09T00:00:00
Updated: 2024-08-21T20:30:47.533Z
Reserved: 2024-07-05T00:00:00
Link: CVE-2024-40480
Vulnrichment
Updated: 2024-08-21T20:29:50.975Z
NVD
Status : Modified
Published: 2024-08-12T13:38:29.003
Modified: 2024-08-21T21:35:08.270
Link: CVE-2024-40480
Redhat
No data.