Lucene search
HistoryAug 12, 2024 - 1:38 p.m.
CVE-2024-41332
access control
delete function
arbitrary deletion
low-level privileges
sourcecodester computer laboratory management system v1.0
CVSS3
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
EPSS
0.001
Percentile
21.4%
Incorrect access control in the delete_category function of Sourcecodester Computer Laboratory Management System v1.0 allows authenticated attackers with low-level privileges to arbitrarily delete categories.
Affected configurations
Node
oretnom23computer_laboratory_management_systemMatch1.0
| Vendor | Product | Version | CPE |
|---|---|---|---|
| oretnom23 | computer_laboratory_management_system | 1.0 | cpe:2.3:a:oretnom23:computer_laboratory_management_system:1.0:*:*:*:*:*:*:* |
Related
zdt
zdt
Computer Laboratory Management System 1.0 Privilege Escalation Vulnerability
2024-08-07 00:00:00
packetstorm
packetstorm
Computer Laboratory Management System 1.0 Privilege Escalation
2024-08-02 00:00:00
cve
cve
CVE-2024-41332
2024-08-12 13:38:30
cvelist
cvelist
CVE-2024-41332
2024-08-09 00:00:00
vulnrichment
vulnrichment
CVE-2024-41332
2024-08-09 00:00:00
CVSS3
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
EPSS
0.001
Percentile
21.4%
Related for NVD:CVE-2024-41332