3 matches found
CVE-2025-50870
Institute-of-Current-Students 1.0 is vulnerable to Incorrect Access Control in the mydetailsstudent.php endpoint. The myds GET parameter accepts an email address as input and directly returns the corresponding student's personal information without validating the identity or permissions of the...
CVE-2025-50870
Institute-of-Current-Students 1.0 is vulnerable to Incorrect Access Control in the mydetailsstudent.php endpoint. The myds GET parameter accepts an email address as input and directly returns the corresponding student's personal information without validating the identity or permissions of the...
CVE-2025-50870
The CVE-2025-50870 affects Institute-of-Current-Students version 1.0, where the mydetailsstudent.php endpoint's myds GET parameter accepts an email and returns the corresponding student’s personal information without validating the requester’s identity or permissions. This Incorrect Access Contro...