Lucene search
K

CVE-2024-24496

🗓️ 08 Feb 2024 00:00:00Reported by mitreType 
cve
 cve
🔗 web.nvd.nist.gov👁 48 Views🌐 WEB

An issue in Daily Habit Tracker v.1.0 allows remote attacker to manipulate trackers via the home.php, add-tracker.php, delete-tracker.php, update-tracker.php components

Related
Detection
Refs
Paths
ReporterTitlePublishedViews
Family
0day.today
Daily Habit Tracker 1.0 - Broken Access Control Vulnerability
2 Apr 202400:00
zdt
Circl
CVE-2024-24496
8 Feb 202422:26
circl
CNNVD
Daily Habit Tracker Authorization Issues Vulnerability
8 Feb 202400:00
cnnvd
Cvelist
CVE-2024-24496
8 Feb 202400:00
cvelist
Exploit DB
Daily Habit Tracker 1.0 - Broken Access Control
2 Apr 202400:00
exploitdb
NVD
CVE-2024-24496
8 Feb 202421:15
nvd
OSV
CVE-2024-24496
8 Feb 202421:15
osv
Packet Storm
Daily Habit Tracker 1.0 Broken Access Control
2 Apr 202400:00
packetstorm
Prion
Design/Logic Flaw
8 Feb 202421:15
prion
Positive Technologies
PT-2024-20421 · Unknown · Daily Habit Tracker
8 Feb 202400:00
ptsecurity
Rows per page
NVD
Vulnrichment
ParameterPositionPathDescriptionCWE
daterequest bodyhabit-tracker/endpoint/add-tracker.phpUnauthenticated creation of a tracker via add-tracker.php (Broken Access Control).CWE-284CWE-287
dayrequest bodyhabit-tracker/endpoint/add-tracker.phpUnauthenticated creation of a tracker via add-tracker.php (Broken Access Control).CWE-284CWE-287
exerciserequest bodyhabit-tracker/endpoint/add-tracker.phpUnauthenticated creation of a tracker via add-tracker.php (Broken Access Control).CWE-284CWE-287
prayrequest bodyhabit-tracker/endpoint/add-tracker.phpUnauthenticated creation of a tracker via add-tracker.php (Broken Access Control).CWE-284CWE-287
read_bookrequest bodyhabit-tracker/endpoint/add-tracker.phpUnauthenticated creation of a tracker via add-tracker.php (Broken Access Control).CWE-284CWE-287
vitaminsrequest bodyhabit-tracker/endpoint/add-tracker.phpUnauthenticated creation of a tracker via add-tracker.php (Broken Access Control).CWE-284CWE-287
laundryrequest bodyhabit-tracker/endpoint/add-tracker.phpUnauthenticated creation of a tracker via add-tracker.php (Broken Access Control).CWE-284CWE-287
alcoholrequest bodyhabit-tracker/endpoint/add-tracker.phpUnauthenticated creation of a tracker via add-tracker.php (Broken Access Control).CWE-284CWE-287
meatrequest bodyhabit-tracker/endpoint/add-tracker.phpUnauthenticated creation of a tracker via add-tracker.php (Broken Access Control).CWE-284CWE-287
tbl_tracker_idrequest bodyhabit-tracker/endpoint/update-tracker.phpUnauthenticated update of a tracker via update-tracker.php (Broken Access Control).CWE-284CWE-287
Rows per page

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

17 Jun 2026 07:14Current
9.3High risk
Vulners AI Score9.3
CVSS 3.19.8
EPSS0.19503
SSVC
48