Lucene search

CVE-2024-35353

🗓️ 30 May 2024 17:33:15Reported by mitreType

cve🔗 web.nvd.nist.gov👁 71 Views🌐 WEB

Vulnerability in Diño Physics School Assistant 2.3, impacting /classes/Users.php file

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 4
Cvelist	CVE-2024-35353	30 May 202416:06	–	cvelist
NVD	CVE-2024-35353	30 May 202417:15	–	nvd
Vulnrichment	CVE-2024-35353	30 May 202416:06	–	vulnrichment
RedhatCVE	CVE-2024-35353	14 Feb 202501:21	–	redhatcve

Nvd

Node

dino_physics_school_assistant_project dino_physics_school_assistantMatch2.3

Source	Link
vuln	www.vuln.pentester.stream/pentester-vulnerability-research/post/2298777/vuln8-insecure-direct-object-references-idor

Parameter	Position	Path	Description	CWE
id	query param	/classes/Users.php?f=save	Improper authorization due to manipulation of the 'id' parameter.	CWE-863

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

30 May 2024 17:15Current

7.1High risk

Vulners AI Score7.1

CVSS39.8

EPSS0.00222

SSVC

CWE-863