CVE-2021-42331

The “Study Edit” function of ShinHer StudyOnline System does not perform permission control. After logging in with user’s privilege, remote attackers can access and edit other users’ tutorial schedule by crafting URL parameters...

PT-2021-23574 · Unknown · Shinher Studyonline System

Name of the Vulnerable Software and Affected Versions: ShinHer StudyOnline System affected versions not specified Description: The issue concerns the "Study Edit" function, which lacks proper permission control. This allows remote attackers to access and edit other users' tutorial schedules by...